But it's still not a number - how many are actually being hacked in this manner? Hundreds? Thousands? Millions? Five? There's not enough context given to tell. That picture on slide 18 with all of the redactions just below the quote you cite shows 63 egg-shaped (or maybe "orb" shaped?) icons with various colored halos and warning symbols next to them. If I were to make an educated guess based on that slide, I'd guess that CSEC controls a total of 63 relays. If I only read the article, I'd assume several orders of magnitude more.

The point that I was trying to make in my earlier comment is that when we read an article like that we tend to instinctively ask more questions, and if the answers to our questions aren't there we tend to make assumptions. Depending on both our own biases and the biases of the author presenting the information, our assumptions are often way off the mark (in either direction).

Here's some questions I would pose to the authors of that article that aren't answered:

How many hosts are being hacked?

Who owns the hosts being hacked? Have the authors taken steps to inform the owners? If not, what is the reason they chose not to?

What are those hosts normally used for and by whom? What is the scale of the privacy implications associated with NSA/GCHQ/CSEC using this host?

What criteria are considered when they select a host to hack to use as a relay?