Good point. That's possible and could've made the things easier. I tend to forget that authorities can request personal information from companies (and that the companies don't mind sharing most of the time).
FTR, it happens ALL... THE... TIME. Court issues subpoena saying give us everything you have on this tweet/message/posting or be held in contempt. Company then responds with all info on account IPs, logins, timestamps, etc. Unless your OPSEC is impeccable, it's usually quite easy to identify a user and only requires the permission of a court.