[heavyset_go]

Might be able to tell which VPN service they used and can then subpoena it.

[gzer0]

Based on the sophistication we've seen, they probably used Mullvad for their VPN. In that case, a subpoena wouldn't turn up anything.

[mtsr]

I don’t know if it’s been tried, but if not it would be in everyone’s interest to see what Mullvad will actually cough up.

[trogdor]

I have seen NordVPN’s response to a subpoena. Their response was that they had no records connecting an IP address at a specific date/time to any particular person.

[emayljames]

it would be the end of their business if they did, as they have a strict no retention policy. This would mean they are lying to all their customers, so it is not going to happen.