Once again alleged leaks from 🇵🇱 gov officials allegedly using private mailboxes for work. Assuming leaks are genuine, who did it doesn't really matter - the root cause is negligence of public officials and they are the only to blame 🤷 And they are to blame for both using private email for work, and for using it without sufficiently strong authentication.
https://oko.press/wyciek-rzadowych-danych-szerszy-niz-wiedzielismy-jest-kolejny-kanal/
In the private sector, especially financial, regulators would be all over company employees sending work documents with private email.
FSA/FCA archives are full of multi-million fines for such violations, even if they didn't end up in a breach.
But not in public sector in Poland - you can send whatever to whatever crappy private email you have and you're a "victim".
Can't say about efficacy of their internal procedures but indeed the published breaches are few and you don't have public ministers private email routinely breached in the UK.
In Poland the attitude where politicians feel like the law is for anyone but themselves is still very widespread, and they are often simply arrogant and poorly educated.
My colleague made a point that you can't really fire and "elected politician" but ministers are not elected, they are nominated. In general, the percentage of elected individuals in public sector is rather small, and "firing" is a punishment suitable for violation of *corporate* procedures. At the same time even elected officials are subject to the laws they have enacted.
@kravietz when I worked in public service in UK during early 2000s, they made it as difficult as possible to get work documents out of the place using private email - all the webmail providers were blocked and all sorts of things were scanned for, with Security Service and GCHQ providing cybersecurity monitoring for the wider public sector.. I'm not sure if things are as strict as back then today, but there are relatively few data leaks from UK public sector compared to other countries..