So I may have missed the details. I thought we knew they hacked Belgacom, but no one mentioned going through employee's personal email and social networks (though in light of this, we can assume they did). If they did mention it and I missed it, sure, nothing new. But the same entire thing then just applies to that instance too.
> While working to assess the extent of the infection at Belgacom, the team of investigators realized that the damage was far more extensive than they first thought. The [ed: NSA] malware had not only compromised Belgacom’s email servers, it had infected more than 120 computer systems operated by the company, including up to 70 personal computers.
I don't remember the reporting on the Belgacom hack mentioning that they were casually querying X-KEYSCORE as they reportedly did here to identify potential targets.