If you want to assign responsibility for these leaks, assign it on the people who have taken action: the hackers who obtained them and the organization that published them.
Neither the writers nor recipients in this exchange bear responsibility for their exchange being published without their consent.
A sender of an email should not bear responsibility for an underlying email system's poor information security (expect in specific cases in which they are highly-technical and are transferring highly confidential information).
It is the administrator(s) of the email server's responsibility to ensure that both their users and the people they interact with are given basic protections against hackers.
There is no point in blaming a hacker for attacking an email server as they will not listen to you.
The only sane solution is for the administrator of the email system and those that hired them to be responsible for how secure their systems are and to act accordingly.
Neither the writers nor recipients in this exchange bear responsibility for their exchange being published without their consent.