What a non-story. The flaws in Dual EC DRBG were widely published shortly after release.
The backdoor was first published by Dan Shumow and Niels Ferguson in August 2007.
Bruce Schneier wrote the same year:
My recommendation, if you're in need of a random-number generator, is not to use Dual_EC_DRBG under any circumstances. If you have to use something in SP 800-90, use CTR_DRBG or Hash_DRBG.
This was common knowledge if you had more than a passing interest in cryptography. I think TFA is mistaken when it says that it didn't get enough attention. The reason academics didn't take it more seriously is that it was seen as so obvious, it was mostly harmless shenanigans.
You would only use it in a serious cryptographic product if you were an incompetent crackhead, or if the NSA had stuffed your ass full of money.
Incidentally, RSA, the large security firm, shipped it in a serious cryptographic product for years and years.