And their feat was made possible by a bug that, ironically, was practically created by the NSA itself and its anti-encryption policies from 20 years ago.

The NSA's site was just the guinea pig to demonstrate a newly-disclosed internet flaw called ?FREAK.

The bug, first ?disclosed on Monday by Akamai, allows an attacker to intercept a supposedly secure connection between people using Android or Apple devices and thousands, if not millions, of websites. This gives the hackers the chance to impersonate said website and steal confidential data like passwords and logins.

Now, as crypto expert Matthew Green correctly ?pointed out, this wasn't really a "hack." Mounting a man-in-the-middle attack against NSA.gov is not the same as hacking the NSA (as an always-appropriate XKCD cartoon illustrates).