← Blog
Cloud security5 min read

What happens if your cloud provider gets hacked?

Provider breaches are not hypothetical. What an attacker actually gets depends almost entirely on whether the provider holds the keys.

Try it in one click.

Three private surfaces. Same zero-knowledge architecture.

The honest framing No provider can guarantee that it will never be breached. What it can guarantee — through architecture — is what an attacker would find if a breach happened.

In a traditional cloud Servers hold the keys to data at rest. A successful breach of the right systems can expose plaintext files, search indexes, previews and metadata. The blast radius is large.

In a zero-knowledge cloud Servers hold ciphertext and wrapped keys that can only be opened by the user's password-derived master key. A breach exposes ciphertext, not content. The blast radius is small.

What this means for your decision - For files you would not mind seeing in a leaked dataset, either model is acceptable. - For files you would mind, the architectural posture of the provider is the most important variable — more important than badges, certifications or marketing.

How DRIVUNO is designed for this case DRIVUNO assumes that breaches are possible and designs around that assumption: no server-side decryption path, minimised metadata, audited primitives, and explicit threat-model documentation.

The breach math If a provider holds the keys, a breach of the provider potentially exposes every file they store. Encryption at rest helps against a stolen disk, not against an attacker inside the control plane. History — from large enterprise leaks to single-user account takeovers — keeps proving this.

What a breach of a zero-knowledge provider looks like Stolen ciphertext, stolen wrapped keys, stolen metadata. None of it is decryptable without the user's password (Argon2id-derived) or the user's recovery key. The attacker walks away with opaque bytes — which is the point.

Why DRIVUNO uses defence in depth anyway Strong KDF parameters, audited primitives, recipient-specific key wrapping, revocation, view-once, and explicit metadata minimisation. Architecture first, hardening on top.

Try it in one click.

Three private surfaces. Same zero-knowledge architecture.

Encrypted on your device · upload in 1 click
Upload