Maffin infrastructure is lightweight, we only serve our website which has all the functionality to then work locally so there is not much to hack on our side. The code is open source so can be tracked that nothing weird is happening there.

Maffin uses Google Oauth to authenticate and access your data (in your Google Drive) so if that is hacked (which then big problems would happen in the internet in general) then hackers would gain access to your data. The only way to protect that would be to export/import your data every time and save it locally.