[plingbang]

> Or you can end up like the people who lost their data [1]

I don't see how encryption at rest could've changed the outcome.

In the article, the cloud provider, which has full control over the VMs, was compromised. The VMs were hosting various Bitcoin services, which needed continuous wallet access for operation. So, I'd say there was no data at rest to be secured. The attackers could theoretically patch the application to make malicious transactions or just extract the wallet from RAM.

Also, the article suggests that the attackers were getting inside the running VMs rather than accessing VM storage directly.