The beauty of the cloud is that individuals are no longer tied to data and or other resources that are tied directly to their local machine. The downside to this is that without proper account management/data security policies in place, your essentially given anyone with internet access the keys to your kingdom. There have been countless incidents where resources hosted on AWS (along with other cloud platforms) were made accessible to the public. No access control measures were put into place by the individual/company allowing an endless amount of data to be accessed by those who who don’t have a need to utilize said resources.
I’d like to point out that this doesn’t mean that the cloud (or cloud service providers) is inherently insecure. It just means that individuals/companies need to do a better job at understanding the risk associated with putting information and systems on the cloud and ensuring that proper access control measures are in place.