According to the sources, it seems that an employee or a contractor mistakenly left the NSA hacking tools unattended on a remote server about three years ago during a cyber operation. The NSA was aware of the incident and did not inform the companies of the risks related to the exposure of the exploits.
Source: The leak of NSA hacking tools was caused by a staffer mistakeSecurity Affairs