It's hard to know what this means. For the one person whose information has been published, emails were retroactively classified. That is, they weren't classified when they were sent. That means that even if they hadn't used Clinton's server, they wouldn't have been stored securely, since they didn't consider them classified.
So this isn't really about Clinton's mail system, but about 38 people who didn't classify things they should have.
Note that what was considered classified included lists of people invited to meetings, so as not to cause embarrassment for people not invited. So it's hard to know how serious this is. The report did say the following
"While there were some instances of classified information being inappropriately introduced into an unclassified system in furtherance of expedience, by and large, the individuals interviewed were aware of security policies and did their best to implement them in their operations," the report also said. [
State Department's investigation found 38 individuals violated classification rules in relation to Clinton email server - CNNPolitics]
It's hard to believe that they would have said that if the secrets were serious.
It would be interesting to see what this kind of detailed review would turn up if conducted on 30,000 other unclassified documents. The summaries on the news are light on specifics of violations. 91 of the violations seem likely to be underclassification. But the rest, which they couldn't attribute to individuals. What does that mean? It should almost always be clear who sent them email. If they are all underclassification that's a 2% error rate, but I wonder. At any rate, that seems pretty low to me. Not if we were talking about the nuclear launch codes. For those I'd expect a nearly 0% error rate. But it's very unlikely that that's what they're talking about. (It would be nice if they had told us how many were retroactively classified to be top secret, secret, confidential, etc.)
Here's an example of a detailed examination of 231 emails. (It's the first detailed study of email classification I turned up in a search.) It found that 65% of them had classification errors! That term is fairly vague, because it covers technical violations such as bad labelling. About 1% of them were underclassified. That's the type of error everyone thinks about with Clinton's email (messages that should have been classified but weren't), though it's hard to be sure.
https://www.energy.gov/sites/prod/files/2014/04/f14/Inspection Report-IG-0904_0.pdf. It's simply unreasonable to expect perfect compliance, particularly when there is room for interpreting rules. (It would have been interesting to submit the 231 documents to two different teams and see how well they agreed.)