Do you have a source? I only recall the Le Monde [0] article. And was the nature of the breach? You have something uploading to Shanghai for 5 years - and nobody noticed?
According to the person I spoke to on the team that responded, and helped set up the new replacement system and network, there had been warnings for years about the adoption of the system and the lack of any real monitoring, but those were ignored because it was considered politically sensitive to double-check on what the Chinese had provided.
It was a new member of staff who did their own experimentation without authorisation who found it and sent it up the chain, to point where it couldn’t be ignored or hidden anymore. Mostly because that made the delegations aware of how terrible security was, whereas before it seems they’d assumed the organisation had that covered.
[0] https://www.lemonde.fr/afrique/article/2018/01/26/a-addis-ab...