Yeah. I think the encryption is unlikely to be compromised. But given the centralized identity servers the metadata could easily be compromised.