YOU ARE BOTH RIGHT AND WRONG TO BE CONCERNED ABOUT THAT EARLIER HACK, and that is why you do need to follow the improved security protocol. Do not simply download the iso and go, like we all used to do back in the day.
At the same time, the fact that LinuxMint servers were off-air till the issue was resolved should reassure you that the same hack will not occur again -- or at least if the hackers do get through the new security on the servers (some of which is prudently kept to a need-to-know-level) the LinuxMint devs have crafted a final step in the security of their installs that involves some five minutes' work for you, the user.
If you do not follow those new additional steps, then LinuxMint is safer than it was back in the day, but nobody will have any sympathy if you take the risk at your end and get bitten.
One of the big pluses for LinuxMint is the way that Clem and colleagues immediately pulled the plug and did everything they could think of to minimise future risk. They took full advantage of the free software ethos and copied security protocols from more than one other distro, combining several ideas from other people's best practice.
We could criticise them for their earlier complacency, and they apologised at the time: however my view is that devs who have learnt from a serious and seriously embarrassing mistake are going to be safer than devs who never made that mistake.
Out in the real world, I stepped out into a new bike lane once (that hadn't been there when I was in that part of town before) and got run into by a cyclist who in coming off his bike head-butted me in the mouth at his full speed. Totally my mistake. I felt embarrassed as it was totally my bad; and the guy was apologetic which he did not need to be, and waited with me for an ambulance. Short term outcome was a few hours in A&E (ER for US folk). Long term outcome is that I have a broken front tooth, AND more importantly that I now always remember to look before stepping into a cycle lane (especially that one).
So yeah, if you are not going to use Qubes (see my earlier reply on that option) I would say that LinuxMint is more secure than any Linux distro that does not give you the same three stage security protocol during and after download.
During? Yes, indeed, you can usually complete 2/3rds of the security stuff in a terminal window while the iso downloads.
My advice is to start the iso download running, then to download the other three small files while it is doing so.
Read the one about how to do it; and open a terminal window.
If you do not understand the instructions, or they do not seem to work for you, ask for help. DO NOT JUST SKIP THESE TESTS.
I usually use sudo -i as my first command - it logs you into a session where you do not need to keep entering sudo before every command, and even if you do you will not have to keep entering the password. Reminder: do not stay in a sudo -i window for normal work!
Register the LinuxMint gpg keys: do this even while the main download is coming in. (You do not need this step if you did it before on the same computer, unless you find in the next step that the old ones no longer work.)
The command is in the instructions and you can copy & paste it into the terminal. You can then use the command they give you to verify that the other file (which contains sha checksums) is legit.
Tip: did you know that you can set up most Linuces to paste into terminal by clicking both buttons at the same time? (Note: if you use a three-button mouse then centre click does the same.) Skip the rest of the italics if you already do this successfully...
- Test this by putting the text "echo foo bar" (without the quotes) into a text file or word processor doc. Copy that text in the usual way.
- Open a terminal window
- position the mouse pointer somewhere near the terminal cursor (if you cannot hit it exactly, it needs to be after rather than before on some systems)
- click both mouse buttons at the same time
- if the command and the words "foo bar" appear in the terminal then you have learnt something, and can skip the rest of the italics
- in the LinuxMint menu go to Preferences then to Mouse, or maybe Mouse and Trackpad.
- look for and select an option that says something like either of the following
o Paste current selection when both buttons are clicked; or
o Treat clicking both buttons as centre click
- back to the terminal window and try the both-button-click again
- if it works great; if not ask for help about "centre click and paste" in a new post.
Then as soon as the download completes, you can run the final check.
The three stages achieve the following, and each one adds security.
1. The gpg keys allow you to know that the file containing the checksums came from a legit LinuxMint source. These keys are kept well away from the other servers.
2. Once you have those keys, the checksum file (sha-whatever) allows you to actually do that check on the checksums. (The earlier major hack involved the hacker not only inserting a fake iso, but also inserting a fake verification file, thus fooling people who followed the security protocol at that time.)
3. Then when the download completes (and I find I can get through steps 1 and 2 while that happens, and on a slow connection I have time after doing the first steps to grab a tea or coffee).
I hope that helps reassure you about the earlier hack. Yes it was serious, yes Clem and colleagues have tightened their act up since then. In my opinion, immediately after LinuxMint servers came back online it was the most secure OS out there apart from Qubes (which I described in an earlier post).
Most people find LinuxMint good enough for everyday purposes; you may want to consider it for banking and finance.
Qubes recommend against running Qubes in dual-boot: so if you keep a separate machine for banking and finance (like the OP does) then it is worth at least considering it.
It is also useful if you have more than one user who uses the same hardware for banking, as I will describe when I go back to edit my Qubes post. That is the only time I have considered Qubes essential: when it is just me on my laptop I feel safe enough on either LinuxMint 20.2 (my previous install) or on LMDE 6 (my current one).
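
The three-stage check described in the post above, written out as shell functions. This is an added example, not part of the original post and not Linux Mint's own instructions; the file names sha256sum.txt and sha256sum.txt.gpg and all function names are assumptions, and the key fingerprint is a placeholder argument to be taken from the official instructions.

```bash
#!/usr/bin/env bash
# Added example. Assumed layout: <dir>/ holds the ISO, sha256sum.txt and
# sha256sum.txt.gpg; the key has already been imported into the gpg keyring.

# Stages 1+2: sha256sum.txt must be signed by the pinned key. A "Good
# signature" from just any key in the keyring is not enough, so require a
# VALIDSIG status line naming the expected fingerprint (40 hex, no spaces).
verify_checksum_file() {   # usage: verify_checksum_file <dir> <fingerprint>
    local dir=$1 fpr=$2 status
    [ -n "$fpr" ] || return 1
    status=$(gpg --status-fd 1 --verify "$dir/sha256sum.txt.gpg" \
                 "$dir/sha256sum.txt" 2>/dev/null) || return 1
    printf '%s\n' "$status" | grep '^\[GNUPG:\] VALIDSIG ' | grep -qwF -- "$fpr"
}

# Look up the hash listed for one file name. Lines look like
# "<hash>  name" (text mode) or "<hash> *name" (binary mode).
expected_hash() {   # usage: expected_hash <checksum-file> <iso-name>
    awk -v want="$2" '
        { name = $2; sub(/^\*/, "", name) }
        name == want { print $1; found = 1; exit }
        END { exit !found }' "$1"
}

# Stage 3: the finished download must match the listed hash.
# Returns 0 on match, 1 on mismatch, 2 if the ISO is not listed at all.
verify_iso_hash() {   # usage: verify_iso_hash <dir> <iso-name>
    local dir=$1 iso=$2 want got
    want=$(expected_hash "$dir/sha256sum.txt" "$iso") || return 2
    got=$(sha256sum "$dir/$iso" 2>/dev/null | cut -d' ' -f1)
    [ "$want" = "$got" ]
}

# Run the stages in order; the hash check only means something once the
# checksum file itself has been authenticated.
verify_download() {   # usage: verify_download <dir> <iso-name> <fingerprint>
    verify_checksum_file "$1" "$3" ||
        { echo "sha256sum.txt is not signed by the expected key" >&2; return 1; }
    verify_iso_hash "$1" "$2" ||
        { echo "ISO does not match sha256sum.txt" >&2; return 1; }
    echo "OK: $2 matches a checksum signed by $3"
}
```

Source the file and call `verify_download <dir> <iso-name> <FINGERPRINT>` once the download has finished. The stage 3 check on its own still passes when the ISO and sha256sum.txt have been swapped together, which is why the signature stage comes first.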