On one level, Xero hasn't had a lot of luck with its US data partners.
In November 2017, just as the Kiwi cloud accounting software company announced it had integrated its software with Equifax, the North American credit report giant announced it had been the victim of a massive hack - at the time, thought to be the largest in US history.
Now, Equifax has been eclipsed in scale by another hack, with Capital One losing more than 100 million credit card applications to a hacker.
Capital One is also a marquee Xero partner in North America, with the bank's customers able to feed data directly into Xero under a tight integration agreement.
But as with Equifax, Xero says there's no need to panic.
"Security is of the utmost importance for Xero and like other online businesses we are constantly vigilant about protecting information on our platform," Xero spokeswoman Kate McLaughlin says.
"Xero's partnership with Capital One in the US enables Xero customers to access their Capital One financial data through a secure integration with Capital One's API [application programming interface].
"The Capital One issue does not affect Xero, our systems, the API or data that we hold."
The Capital One hack immediately raised fresh doubts about the safety of story data in the cloud.
But although the US bank's stolen data was hosted Amazon's AWS cloud platform, initial indications are that the hacker (alleged to be 33-year-old software engineer Paige Thompson) exploited a firewall vulnerability on Capital One's own network.
Capital One, the Virginia-based bank with a popular credit card business, announced Monday that a hacker had accessed about 100 million credit card applications, and investigators say thousands of Social Security and bank account numbers were also taken.
The FBI has arrested Thompson, who's on a charge of computer fraud and abuse, according to court records.
The hack appears to be one of the largest data breaches ever to hit a financial services firm.
In announcing the data breach, Capital One emphasised that no credit card numbers or log-in credentials were compromised, nor was the vast majority of Social Security numbers on the affected applications.
Capital One was alerted to a problem on July 17 after a person in an online discussion group had claimed to have taken large amounts of the company's data, according to the complaint.
Retail giant Amazon told The New York Times that its cloud had stored the stolen Capital One data.
But the bank said that "this type of vulnerability is not specific to the cloud," adding that it was able to quickly diagnose and fix the issue because of its "cloud operating model."