Putting a file of user data on a laptop is a fireable offense at at any reputable organization.

Correction, it's only a fireable offense if the employee of said reputable organization let's the file become compromised somehow, there's huge PR blow back, and the organization needs somebody's head on a platter in show of how serious they take the issue. Otherwise, m'eh.

The laptop was compromised while running. We do not know whether the disc was encrypted or not.

If it was exploited through the JRE, then it doesn't really matter...

On the other hand the disk or better said the partition with sensitive data should decrypted (mounted) only when needed. I doubt he needed that data during the conference.

Kinda odd isn't it. My organization issued me a laptop to store all the confidental financial data I work with.

One imagines it was bitlockered, and you were required to inform them the instant of a loss and hence possible data breach - where upon the company would have to pass the data on to any clients whose data might have been compromised (and the public body governing data security)