Snowden's files predate the existence of the vulnerability. Many of his files were years old when he exfiltrated them. This vulnerability was created by a specific check-in that has been identified. That does not, of course, mean the NSA didn't use it, or even create it. Both are possible.
Yep, in particular the Guardian article which the linked Reuters one is based on [1], says:
>"For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies," stated a 2010 GCHQ document. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."
> An internal agency memo noted that among British analysts shown a presentation on the NSA's progress: "Those not already briefed were gobsmacked!"
Which certainly sounds like SSL traffic was broadly compromised as far back as 2010.
That doesn't conclusively prove heartbleed isn't of use to these agencies though; for example one possible scenario is that the British analysts were "gobsmacked" by some other undisclosed vulnerability similar in scope to this one, which has since been fixed (and, if you're inclined that way, you could theorize that heartbleed was introduced to replace it..)
For reference take a look at this article from September. http://www.reuters.com/article/2013/09/05/net-us-usa-securit...