Citing two anonymous sources “familiar with the matter,” Bloomberg News reports that the National Security Agency has known about Heartbleed, the security flaw in the OpenSSL encryption software used by a majority of websites and a multitude of other pieces of Internet infrastructure, for nearly the entire lifetime of the bug—“at least two years.” The sources told Bloomberg that the NSA regularly used the flaw to collect intelligence information, including obtaining usernames and passwords from targeted sites.

“When Edward Snowden warned that the NSA is ‘setting fire to the future of the internet,’ this is presumably the kind of thing he was talking about,” said Jameel Jaffer, deputy legal director at the American Civil Liberties Union, in a statement emailed to Ars. “If this report is true, then the NSA is making hundreds of millions of people around the world more vulnerable to hacking and identity theft, and it’s compromising the trust that allows the internet to function. The NSA has lost sight of its mission, and it has lost sight of the values of the society it’s supposed to be protecting.”

The NSA has issued a statement denying the report. In an email to Ars, NSA spokesperson Vanee Vines provided this official statement: “NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cybersecurity report. Reports that say otherwise are wrong.”

As Ars reported on April 9, there have been suspicions that the Heartbleed bug had been exploited prior to the disclosure of the vulnerability on April 5. A packet capture provided to Ars by Terrence Koeman, a developer based in the Netherlands, shows malformed Transport Layer Security (TLS) Heartbeat requests that bear the hallmarks of a Heartbleed exploit. Koeman said the capture dates to November of last year.
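As an added illustration of what a "malformed" Heartbeat request looks like to a defender (this code is not from the article, Ars, or Koeman's capture): a small checker that parses a TLS record and flags a Heartbeat message whose declared payload length exceeds the bytes actually carried, the condition RFC 6520 says a peer must discard and that unpatched OpenSSL mishandled. The record layouts follow the RFC; the sample records are constructed here.

```python
import struct

TLS_HEARTBEAT = 24   # TLS record content type for the Heartbeat extension (RFC 6520)
MIN_PADDING = 16     # RFC 6520 requires at least 16 bytes of padding after the payload

def parse_tls_record(data: bytes):
    """Split one TLS record into (content_type, version, fragment)."""
    if len(data) < 5:
        raise ValueError("truncated TLS record header")
    content_type, version, length = struct.unpack("!BHH", data[:5])
    fragment = data[5:5 + length]
    if len(fragment) != length:
        raise ValueError("record body shorter than its declared length")
    return content_type, version, fragment

def classify_heartbeat(record: bytes) -> str:
    """Verdict for one TLS record: 'not-heartbeat', 'ok' or 'malformed'."""
    content_type, _version, fragment = parse_tls_record(record)
    if content_type != TLS_HEARTBEAT:
        return "not-heartbeat"
    if len(fragment) < 3:
        return "malformed"
    _hb_type, payload_len = struct.unpack("!BH", fragment[:3])
    # Heartbleed hallmark: the declared payload_length exceeds what the record
    # carries. RFC 6520 requires such a message to be discarded; unpatched
    # OpenSSL instead echoed payload_length bytes of its own memory.
    if 3 + payload_len + MIN_PADDING > len(fragment):
        return "malformed"
    return "ok"

def scan_capture(records) -> list:
    """Apply the check to a sequence of records; return (index, verdict) pairs."""
    verdicts = []
    for i, rec in enumerate(records):
        try:
            verdicts.append((i, classify_heartbeat(rec)))
        except ValueError:
            verdicts.append((i, "truncated"))
    return verdicts

# Constructed sample records, not taken from the capture the article mentions.
SAMPLE_RECORDS = [
    b"\x18\x03\x02\x00\x15" + b"\x01\x00\x02hi" + b"\x00" * 16,  # well-formed request
    b"\x18\x03\x02\x00\x03" + b"\x01\x40\x00",                  # claims 16384 bytes, carries none
    b"\x16\x03\x02\x00\x01\x01",                                 # handshake record, ignored
    b"\x18\x03\x02\x00\x10" + b"\x01\x00",                       # cut off mid-body
]
```

Running `scan_capture(SAMPLE_RECORDS)` flags only the second record as malformed; a real capture would first need its TCP streams reassembled into TLS records before applying this check.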

But if the NSA has been exploiting Heartbleed for “at least two years,” the agency would have needed to discover it not long after the code for the TLS Heartbeat Extension was added to OpenSSL 1.0.1, which was released on March 14, 2012. The first “beta” source code wasn’t available until January 3, 2012.

That means that the agency would have had to learn of the flaw in the code within days of its full release at the latest. While not impossible, that possibility seems highly unlikely unless the NSA dedicated resources to follow the project while in development, watched changes in code, and did ongoing extensive analysis. According to budget documents published by the Washington Post in August 2013, the NSA spent $25 million in 2013 on zero-day exploits from “private vendors.”

When asked, in advance of his confirmation hearing, about the agency’s use of exploits, NSA’s new director, Vice Admiral Michael Rogers, said in his testimony that “the default is to disclose vulnerabilities in products and systems used by the US and its allies.” If the NSA opted in the case of Heartbleed to save the vulnerability for intelligence purposes, it would run contrary to that avowed tendency.

The Office of the Director of National Intelligence's Public Affairs Office issued the following categorical denial of the Bloomberg story:

NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private sector cybersecurity report. Reports that say otherwise are wrong. Reports that NSA or any other part of the government were aware of the so-called Heartbleed vulnerability before April 2014 are wrong. The Federal government was not aware of the recently identified vulnerability in OpenSSL until it was made public in a private sector cybersecurity report. The Federal government relies on OpenSSL to protect the privacy of users of government websites and other online services. This Administration takes seriously its responsibility to help maintain an open, interoperable, secure and reliable Internet. If the Federal government, including the intelligence community, had discovered this vulnerability prior to last week, it would have been disclosed to the community responsible for OpenSSL.

The ODNI added that if the NSA had known of such a bug, it would have been in the interest of the Federal government to fix it: "It is in the national interest to responsibly disclose the vulnerability rather than to hold it for an investigative or intelligence purpose."