"found to be rather breakable"
Just to be clear: nobody has yet produced any two files that have the same SHA-1 hash, and your $100K of cloud computing resource will not do this today.
Every time someone asks "how bad is the SHA-1 cipher?" the answer is "easier to crack than you thought", so Mozilla's considering killing it off six months ahead of schedule, on 1 July 2016. The outdated and vulnerable hashing algorithm was this month found to be rather breakable for attackers willing to splurge just $US75,000 …
your $100K of cloud computing resource will not do this today.
You have to assume that an attacker has substantially more resources than £100K of cloud computing. The NSA annual budget is about $11 billion, for example, and computers aren't getting slower.
Biting the hand that feeds IT © 1998–2019