I would certainly not be an advocate of ignoring the risk - quite the opposite - but I think it is useful to ensure the issue is viewed with some perspective, and an acknowledgement that even though the weakest link in the security of almost any system is the actual user, much can be done to secure systems from hacking (meaning unauthorized access as opposed to mistakenly downloading malware) that can reduce the risk of data loss to as close to zero as possible.
Part of the problem here is that even with an external hard drive, if that drive is running when you are 'hacked' your data is just as vulnerable as ever. As such, while it's certainly more secure to use an external, it is only so if it is off. A more thorough solution is to follow a few basic principles to secure the system against prying eyes in the first instance.
First is the realization that due to the architecture involved, MacOS (and particularly, the latest versions of it) is considerably more resilient to hacking than Windows. A hacker cannot simply take control of the OS and gain access to the system as a whole.
Even so, it is better to prevent a hacker from even finding your system in order to attempt access to it, and the first and most significant step is to add a hardware firewall with network address translation (NAT). While that sounds quite complex, it's actually a feature of almost every router, even those intended for domestic use. That way, the ISP's public IP is not assigned to the system but to the router, and private IPs are used 'inside' the network. Hackers might be able to discover the router, but finding systems behind it is then much harder. To obstruct those who manage to find your system even so, switching on the in-built software firewall in MacOS also helps (in Leopard is in the Firewall tab of the Security preference pane), and setting restrictions on which applications can then access the internet, along with restricting incoming connections adds limitations on what they can manage to do - at least without giving some indication to the user. On top of that, a good third-party firewall such as Little Snitch can add a degree of additional security, while still being very easy to set up and use.
Setting Safari
not to automatically open safe files on downloading (in the general tab of Safari's preferences) will help avoid malware from gaining unobstructed access to the system, and using the freeware ClamXav set to monitor email, document and download folders, along with any others that are sensitive to the individual will help protect against the potential for future malware.
It's also possible to do things with folders and user accounts that help hide data.
http://www.tuaw.com/2007/09/17/secure-your-mac-crouching-user-hidden-folder/ for example gives a couple of good starting points that would help keep data away from prying eyes.