Yes, but ideally people do not want only at-rest encryption.
People want per-client encryption that the server can’t even read.
But then if you need to restore the client, you need to get the key/pass from a likely centralized location.
If a server gets hacked, it most probably gets hacked “live” and allows access to the partition.
Hence why there's also this discussion about how to read the GDPR: that it's basically a best-effort policy, which allows you to not follow it if, for example, it's prohibitively expensive to follow.
In that case the centralized location could also be the backup server.
Somehow this would not be much different from not encrypting the backups.
At that point I am assuming that a client can’t restore data to itself that it’s not supposed to be able to. Restoring data from a different client is a very reasonable use case.
Hence my suggestion to allow something like only rot13 encryption (ok, any better password-based encryption would do). This would at least prevent a hacker from simply searching for file content like an easy-to-parse mail address and whatnot; he would need to know the app and how it works.