Great article here on supply-chain attacks. Many people assume that using the “big boys” in our industry makes them safe – but even they have their flaws. Encryption and proper security measures should be taken to protect the data itself, as all infrastructures have flaws in their design:
https://www.darkreading.com/cloud/understanding-supply-chain-cyber-attacks/a/d-id/1330808