It’s a double-disturbing story. Thanks for sharing!
They also paid a third party contractor “six figures” to help develop a zero-day exploit in Tails: a bug in its video player that enabled them to retrieve the real I.P. address of a person viewing a clip.
It’s interesting to observe the assymetry: with the exploit costing “six figures” that may essentially ammount to tail’s yearly budget.
Linking here the original article: