The most interesting bits around what outed Sabu:
- reusing “anonymous” usernames and variations on them for many years resulting in “bleeding” of his identity elements (ie. usernames, e-mail addresses, domain registration information) between different, supposedly-unrelated social media and online accounts;
- giving out too much personal information about his political/national affiliations/ethnicity;
- accidentally logging once or twice into IRC chat channels without first anonymizing through VPN or Tor proxies;
- mentioning in a chatroom a domain name he owned, whose whois status—i.e. its domain ownership information—had not always been set to private, and which once listed his real name and address, subsequently preserved on the Internet;
- On an Internet that forgets nothing, once a document is made publicly available, even if only briefly, it may be archived in perpetuity. One old clue to even one element of a still-in-use identity can be enough to take down even the most careful hacker.