There are two major types of public cloud computing attacks: single-tenant and cross-tenant. A cross-tenant attack is the stuff of IT nightmares, but it has not yet occurred. (In a cross-tenant attack, the hackers gain root-level access to the cloud and thus access to most or all of the tenants — including you.)
Single-tenant breaches are more likely to occur. In these attacks, the hacker has compromised one or more machine instance, but can’t go beyond that. The most likely cause of a single-tenant breach is that user IDs and passwords have been compromised. That’s typically due to malware or phishing attacks on client devices. In this case, it’s all on you; the cloud provider has done its job, but you haven’t done yours.