Yes, an ec2 instance can be hacked.
I wouldn't worry too much about the platform it's self. Amazon are spending a hell of a lot of money to keep their systems secure. Instead I would worry about the software you put on top of the platform.
Some tips:
Make use of the security groups to limit the visibility of your machines to the outside world.
Try to avoid storing your aws keys in the cloud.
Setup 2 factor authentication for access to the AWS admin console.
Use encryption such as Gazzang if you're running mysql
SSL for all file transfers, etc.
One thing I'm doing is setting up a linux based reverse proxy in a 'DMZ' if you can call it that in AWS, and having that forward to our Windows based web servers. I'm about to make a thread asking for help setting up SSL on this machine
Do note, there are some potential exploits for AWS such as
this.
