It's a cat and mouse game where mouse have an distinct edge.
I am neither applauding nor deploring this; just predicting it.
(One of the things the mice may learn is that the slightest identity leak can give them away. One mis-click on a Facebook login or something and that could well be that. If I were a mouse, I would be working on building something like an encrypted VM image that only contains "safe" software on it, like browsers configured with TOR or whatever, and make sure to do all my business in that VM, and only my business in that VM, while maintaining a "normal" identity on the outside of the VM. The best way to prevent identity leakage is not to share it at all. And I would not install clipboard sharing between VM and host, and I would not enable shared windows; I would deliberately leave the VM console up, and distinctly less than full screen, so it is very visibly obvious that I am either in or not in the VM. I would not use any of the conveniences designed to blur that line.)
That is, assuming you don't go for some NSA parallel construction thing. But if that's the case, it will probably become clear after a couple more site busts.
Whoever does this next will know how much of a risk they're at, and will probably take appropriate steps to protect their real identity from day 1.
It sounds like they need to harden the server better too. Not just the code base and platform, but even configuring things such that whatever OS the site is hosted on can only see the outside world through Tor.