MD5 is both vulnerable to collision attacks and targeted collision attacks. We can imagine both in the wikileaks case. You are correct that Target collision attacks are more difficult but they have been done in research for many years now[0](2006) and they are showing up in the wild as well[1](2012).
[0]: http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.140....
[1]: http://blogs.technet.com/b/srd/archive/2012/06/06/more-infor...