Hacker News

vintermann, today at 5:43 AM

It was never trivial for TLAs to man-in-the-middle anyone, because PGP users were very much aware of the problem and nothing about key exchange was automated, for good or ill. Key exchange parties, reading out key fingerprints in their own custom extended phonetic alphabet etc.

A man-in-the-middle attack would maybe work in rare cases, at great cost, and then you'd get one or two messages and immediately make people aware that they'd been attacked. It's not worth it. I'm confident the TLAs never bothered to do it against anyone with public keys on a key server, the minimum effort you could make to guard against MITM attacks.