That article contains the following "evidence" claiming this is how the leaker was unmasked:
> Armed with this evidence, the NSA was able to quickly determine who had printed the document by checking audit logs.
So no I see exactly _zero_ evidence in that article that this was the method used. If you have any other article that has such evidence, I'm all ears.
Of course you're correct that The Intercept should have taken more care in this matter, but that doesn't mean that this was the reason why the leaker was found. The leaker should also have been a bit less amateur (e.g. not communicating with The Intercept on a _work_ computer).
Do you think the NSA wouldn't have checked access logs and the emails if not for the scan? The difference isn't between getting caught vs. not, it's between getting caught in days vs weeks.
But also caught with irrefutable proof. The printer and job time can be tracked back to her precisely. With that in hand, there is absolutely no doubt that leak came from her (she intentionally shared), or through her (she printed, but someone else shared, with or without her knowledge).
Massive incompetence and amateurish stuff on part of the leaker and The Intercept. Yellow dots have been known for ages.