No matter how small or big a web hosting company is, there is going to always be some vulnerability. Let’s take MediaTemple for a large scale example. They cater to Sony, Adobe, and Starbucks Coffee, three of the most popular companies. They also provide four different packages that are widely used by the mentioned companies.
They are always working on their servers to make sure they are secure and work properly for their clients. They post daily updates on their blog and Twitter on downtime, issues, and other information that their paying customers should know about. They also always make sure that their control panels, forums, and help desk are up to speed and work smoothly.
However, last year things took a slight downturn for them. One of their hosted sites had been DDoS attacked which took down the whole grid cluster. Luckily, the whole idea of having the grid option is to keep your data in separate areas so in case something like that happened. However, they had to move people to different IPs and fix the problem. Things were going well, but then the same site got another strain of a DDoS attack which took down their servers again for the second time.
So while smaller web hosting companies may be at risk because of their size and their eagerness for accepting every customer that comes by, the same could very well happen to a popular company that knows what they’re doing. No hosting package is completely safe, backup options were created for a reason.