Photo via abhisawa/Flickr (CC-BY)
The tool was discovered by Yahoo cybersecurity experts in May 2015. They originally believed that the company had been hacked.
The demand to spy on all Yahoo's users was classified. This may be the broadest surveillance ever disclosed to the public. It's not clear whether other American tech companies are now, or have ever been, under similar orders.
Right on the heels of news that Yahoo was hacked by a foreign state-sponsored actor, putting some 500 million users at risk, it turns out the Americans were eavesdropping as well.