According to pseudonymous developer 0xB10C's blog post, the entity allegedly used a number of different IP addresses to connect to Bitcoin full nodes on the network and ask them which version of Bitcoin software they are using.

 The blog post speculates that the entity is attempting to determine whether a particular node can be reached at a particular IP address, thereby violating the privacy of Bitcoin holders connected to those nodes.

If I have not misunderstood all the ip addresses used seem to come from a limited area.  Anyway my advice is to use an OS like Tails under tor on a USB key to manage your wallets.  I know I have a certain security mania.  Even qubes OS is not bad, indeed.