I was seriously unimpressed by this article. "If your backup account is hacked, your data may be vulnerable." Why yes, that is kinda true.
To which I'd add, If your brokerage account or bank account is hacked, your money is vulnerable. If your healthcare provider is hacked, your medical information is vulnerable. If a major credit report agency is hacked (hey wait, that happened ...) all your credit history and details around that history are vulnerable. If your machine is infected by malware, everything on it may be vulnerable. And email ... if your email account is hacked, is there anything in those emails of interest to a hacker?
The better backup services encrypt your data at rest and during transmission. Some will allow you to provide a key that *they do not retain*. So hacking the backup provider won't get you anything except a bunch of files protected with state of the art encryption. Of course, if only you know the key, should you lose/forget the key your data on the backup servers cannot be retrieved.
The article also extols the virtues of password managers, which I agree with; password managers are great and much better than the alternatives. Alas, if your password manager gets successfully hacked... well, that's bad since now all your accounts and passwords are vulnerable, conveniently organized in one place. If I were interesting in hacking, I would be targeting password managers and financial accounts, credit reporting agencies
, etc. Hacking individual cloud backups seems like a poor use of hacker time; sifting through, in my case, about 5 TB of data the vast majority of which is not valuable, to try and get ONE person's data. Versus going after financial institutions, etc, where the percent of interesting information is much higher.
The threat to my data is much less from my cloud backups than from many many other things. Take for example the
Equifax breach in 2017. Nothing you as a consumer could have done to prevent that hack.
