if the hacker releases anything it does not automatically invalidate the nda, because nobody knows if the hacker wrote the mails himself.
a nda is a nda...
while legally right, it would be hard to execute, if you just publish then public knowledge.
(but i am very interested in this mails; but if they are released you should read them with a big grain of salt)
- i am not even sure if i am allowed to read them (german law is sometimes a little bit confusing.. a little "delete this mail if it is not for you" at the end of the mail is enough to forbid reading)
Someone could remove that last line and forward it to you, and soon you are allowed to read it.
But frankly, an email is a digital postcard, everyone on the whole delivery chain can read it.