TOR has been compromised, but not directly.
If your computer has been hacked correctly, the hacker can watch what you are doing with TOR or anything else. It is reasonably easy to place programs on your hard drive, programs that don't have any standard directory listing at all. Sure, these programs can be overwritten if you use your computer actively. But with the size of hard drives these days, few people completely fill them with "stuff." So, there is a lot of room for these hidden programs. Your best bet is to "wipe" the empty parts of your hard drive on a regular basis. This wiping will generally remove hidden programs like these. The more people who do regular wipes like this, the fewer red flags will be raised when you do a wipe.
The NSA has a communications center that is attempting to watch all Internet communications. Using probability algorithms, they can watch which sites are being accessed at the same time that there is activity by any users. This, along with certain connectivity and IP action, shows them which users are making connections. They may not be able to see from this what the user is doing at the site. But if the site happens to be a controversial site, they can tell whose computers they have to hack.
The old TOR was able to be observed, easily this way. But the present TOR rotates its connections among its members constantly, while a user is onsite. This makes it very difficult to "guess" which user is active with which site by the activity timing method. Hopefully this connectivity rotating is not being done on a standard time length. The length of time between rotations should vary regularly during a user's session.
In addition, the NSA has communications agreements with many of the ISPs, to filter all their users' activity.
