What a masterclass on what not to do:
It is worth reading the articles linked too, except maybe the log of the IRC conversation. It has almost, if not everything: no encryption for emails, bad software, weak passwords, password reuse, employees not challenging bosses when they appeared to have forgotten their username… Great examples of situations not to fall into and ways not to operate in.
If seeing the consequences of it all do not give you good reasons to apply minimum standard to your communications, I do not know what will.