There have certainly been some high-profile security breaches of cloud services in the news lately. Equifax is a great example of that.
Less frequently reported, though undeniably more widespread, are the regular intrusions into personal computers and private data centers that are also happening with distressing regularity. For example, the WannaCry ransomware attack.
Storing your data in a professionally run data center (like those we operate on Amazon’s infrastructure) means you get access to much more advanced anti-intrusion measures than you’re likely to be able to manage as an individual.
You might argue that using a client application inherently protects you from attacks, but unless you’re also isolating your system from the internet as a whole (never connecting to shared networks, never installing software, never opening email attachments, &etc.) you are still vulnerable.
Cloud computing, especially on devices like Google’s Chromebooks, really can protect you and your data very effectively. There are significant security barriers in place that are very difficult for malicious folks to bypass.
This is among the most common attack vectors into your system. Malicious people crack software installers so that they appear to install a popular commercial application for free. What you can easily miss, however, is that they may also install extra malware. You really have to be careful about this. Especially if you’re worried about personal data security.