In this version of the events, Yahoo was responding to a court order under section 702 of the Foreign Intelligence Surveillance Act (FISA) that governs the PRISM program exposed by Edward Snowden's leaks. Although it's unclear exactly what they were looking for, the court order targeted code believed to be used "uniquely" by a foreign terrorist organization.
Reuters has followed up with another report of its own covering similar details. Citing unnamed former Yahoo employees, it says security staff disabled the program when they found it, and it had not been re-enabled before former top security officer Alex Stamos left the company for Facebook last year. It also noted a statement from Senator Ron Wyden, expressing concern that the NSA may have expanded its targeting under Section 702 from email addresses and other identifiers to other content without notifying the public.
Yahoo declined to provide further details on the program or what details of the initial report were misleading, but between these revelations and news of a massive 2014 security breach, this probably isn't over yet.