Riseup is not glow in the dark. They stopped updating their canary like they should've, everyone using it should have understood to tread lightly. Once the NDA broke they made a blog post explaining it. It wasn't a broad search for all user data, but rather a search for data from a ransomware seller's email. If your security can be broken by a mail server being seized, your opsec is fucking terrible and you should reevaluate the risks you're taking. If you're being a fucking retard and sending unencrypted clearnet emails with sensitive information no email provider will save you. Protonmail is not a solution either. Learn how to tor + gpg.
Tor is not an acronym.
Before I recommend this, I want to make it clear that vps are only good for a few things: torrenting and hiding your personal traffic from your ISP. Don't use a vpn for illegal things you dummy. Here's how you get a vpn and not expose any personal information of yours except for your ip address.
1. Obtain crypto. If you cannot break the money trail between you and the crypto learn how to opsec.
2. Buy a stolen account from a reputable vpn company.
3. Use vpn.
Usually these accounts are cheap as fuck (like a 2 year plan for $5). Vpn companies shouldn't care about what IPs are connecting to the account. Most don't give you a way to check how many connections you have at one given time either. Chance of getting caught is low, unless you're a retard and change the password. Vpn companies are not invulnerable to data leaks. Just recently NordVPN had their member's personal information leak. Emails, usernames, etc. associated with the account. A stolen account user is unaffected. For those that are actually into opsec, this also provides a clean way to get a vpn to tunnel tor traffic through. Utilizing qubes is great in this regard. E.g.
sysfirewall - provides clearnet -> syswhonix - provides tor > sys-proxy - provides proxied internet -> targetvm
This makes getting to sites that block tor exit nodes easier. It makes it so you don't have to give a vpn your actual ip to get to unrestricted clearnet. Of course, for all intensive purposes, illegal activities most likely should not be conducted this way.