Sure, your iCloud data is encrypted, but what about all the metadata that Apple collects from your phone or on the files in iCloud? What about everything else you're doing on your phone? It's not just about having access to the data of your files.
Also, not having encryption on by default is creepy and purposeful.
Look, I have no interest in convincing you, you can also find some materials online but yeah, plenty of this info is closed source, that's just how it is with some industries.
If you want to throw caution to the wind because you couldn't find anything that is your choice.
Apple is not an option for me as they are completely closed source and super invasive of customer privacy (their privacy claims are "only we will know everything about you" which is creepy AF)
On the same concept I can also say that hou should just use a linux phone as these are very likely to be kept updated for years, but it's not really a reasonable option for this situation.
Look, when it comes to security statistics, a lot of it is locked behind closed doors in all kinds of big security companies. I can tell you personally that I have worked in such a company and you could see a lot of exploitation (attempts) on Android devices. It was there.
Look once there's a CVE and there is a POC for it. Usually there comes a Metasploit module for it and then it's for sure being used by a bunch of people.