Threat actors may exfiltrate data by transferring the data, including through sharing/syncing and creating backups of cloud environments, to another cloud account they control on the same service.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.