Double edged sword of Damocles
> credited the severity of the attack to the unification of institutions and ministry data
You bring everything together, which can[1] reduce duplicates, reducing maintenance costs and ensuring consistency across departments; allow more cross-referencing and make novel searches possible; breaks open data silos and exposes data hoarding (of all types). So, a Good Thing.
Exposes you to attacks where a single entry point can disrupt everything; where one poisoned entry appears in all departments' reports; where one bad DR plan (and "no plan" is a bad plan!) ruins it for everyone. So, a Bad Thing.
What, then, is the better arrangement for practical purposes?
Yes, yes, having a proper DR plan (and keeping it active and tested) and perfect security (active & tested) *is* the best arrangement, but just imagine you can have flaws, even in something *you* set up.
[1] note "can", not saying they did in this case - not enough info