@everyone @me
Gosh I got so many responses, so I will try to answer them all in one go:
@ "You don't know"
Well actually I do. I am not going to go into details (because otherwise my comment won't get published for legal reasons) but I very, very much know about some of the horrible things that this kind of thing can lead to. And I will reiterate that this is an incredibly minor version in comparison to what can happen.
@ "It is really awful"
I'd like everyone to imagine, in a generic sense, that you have "met" someone on the internet and seen their photograph. Now imagine that you ran into someone in real life who looked vaguely like that person. Would you automatically assume that it was the same person? No you wouldn't. I don't think that anyone who has ever used the internet would assume that they were definitely the same person. First off, people can look like each other, and secondly people put up photos that are actually other people all of the time. You don't know who is who half the time.
@ etc
There is more that I could add, but The Register chose not to publish my last comment, so I will take that advice and not go into too many specifics that prove my various points. Hopefully though people can take the advice to think a bit more globally about this kind of issue.
The issue isn't so much that they did something bad, but rather the lengths that they went to and what they could have done having gone to those lengths. That is, indeed, a rather scary reality. They used different ISPs for each account with no overlaps and kept track of each identity. That is pretty scary stuff. They didn't do anything serious this time (although maybe they secretly did?) but going to that kind of effort they were capable of doing much worse.