It's been shown that NSA cryptographers have authored backdoors in their algorithms in the past.  Either that, or they're just not that bright.  The only thing is $10 million is an extremely small sum to pay.  I can imagine there are people that would pay far more for something like this.  I'd say it could've been $10 million to RSA and perhaps another $10 million directly into the pocket of RSA's Head of Engineering.