In the recent web attack instances, it's not just known plaintext, it's using compression to discover unknown plaintext by repeatedly guessing across multiple requests and watching for the request size to change. So an attacker would need the ability to alter your filesystem and make backup requests, repeatedly, for that attack to matter to Tarsnap.