How much would you bet against the people described below having even better versions of those two hacks, and being fully aware of Amazon's supply chain?
"The book included a photograph of intercepted packages being opened by NSA agents, and an accompanying NSA document explained the packages were “redirected to a secret location” where the agents implanted surveillance beacons that secretly communicated with NSA computers." -
https://firstlook.org/theintercept/2014/10/10/core-secrets/
Having said that, I suspect in light of recent Snowden releases - it seems a bunch of German and Brazilian commercial businesses who probably didn't expect they had to consider the NSA as a plausible attacker are now having exactly those discussions.
I suspect _any_ prudent CSO of any company who's commercial competitors include politically connected US companies is now wondering whether they also need to consider that risk.
Just don't count on something being 'unhackable'.
AFAIK there are no published flaws in S3 static hosting.