IMO the fines are made to sound scary, and are relevant for large corpos, but the ICO or whatever body for your country, has no interest in prosecuting an individual. What is a ‘percentage of revenue’ on something that makes no revenue anyway.
Even if they did take interest it would start with an opportunity to correct things before prosecution.
AWS/Azure are incredibly expensive compared to most hosting providers. If you need the services and scale they provide then they can be good value but there are for sure expensive.
When enrolling with the 2FA take a screenshot of the QR code, print it and add it to wherever you keep your secure documents. The QR code is your private key, just scan it again to add a new device if you lose your original.
Obviously you need to keep the code secure!
It amazes me that anyone will fill in their actual date of birth on an online system outside of a government or bank system. Just put a fake one in, no one is going to check! Jeez.
My CDN bill recently went from about $5 a month to over $200. Turned out it was Tictok’s spider relentlessly scraping the same content over and over again.
It was ignoring robots.txt. In the end I just had to ban their user agent in the CDN config.