If an eavesdropper records all traffic between client and server, he/she will also record the encrypted session key. If the server's private key is compromised, the eavesdropper can decrypt the session key and use it to read the rest of the communication for that session.
