Here we have a risk that requires mitigation. If you owned the facilities in question you would know your disaster preparedness and would know how much effort you are willing and able to put into enhancing it.
But since you don't own these facilities you have to trust the companies that do own them to do what you would do (or better). The only real controls you have are in negotiating the initial contract (regarding SLAs, especially) and in designing your system to withstand a failure of one company to protect their facility. That means you have to either buy resources on both coasts from one company or buy resources from multiple companies whose facilities are geodispersed and make sure your code/platform understands and deals with losing one or more of them.
The leggy gal on the sales team won't tell you any of this. I think most people don't find out about it until the disaster actually happens. It's pretty much like any other piece of your tech stack: the vendors will whitewash the risks and your job is to see through that and manage it.
I submit this isn't a risk caused by the use of "the cloud" (egad, do I hate that term!) so much as a risk that's part of any IT project and you deal with it the same way.
So to answer the original question, maybe a CAT 5 hurricane can take those facilities down but the question you should be asking is, "Have we completely understood the risk to the business and have we taken appropriate steps to protect it?".