I suspect any cloud service without strong encryption at rest ala Protonmail will have insider threat issues. Hell there's an entire Wikipedia article entitled "Saudi infiltration of Twitter"[1] just to give one example.

This is anecdotal, but once when I worked for a well known NGO as an experiment I created a document outlining what our positions would be for a meeting with representatives from a certain country[2].

We in fact were taking very different positions, and using different points to support those positions.

The delegation was visibly shaken, surprised, and I daresay upset that they were completely unprepared for our meeting -- they basically refused to dialogue (the entire purpose of the meeting) and ran home to ask their overlords in the embassy what to say.

I am doubtful that they deployed zero day malware onto our network -- I suspect they had an insider at company whose cloud offering I used to create the false flag document.

Sometimes it surprises me, as someone who got my education in tech by reading Slashdot comments and researching the terms I did not understand, how trusting this generation of hackers is.

[1] https://en.wikipedia.org/wiki/Saudi_infiltration_of_Twitter [2] I won't say who other than "not KSA"