The dubious but solid reputation and very integrity of infamous black hat hacking clique Lizard Squad hangs by a thread, according to fresh online reports. Several arrests have been made between late December and last week in relation to denial-of-service attacks on both Sony and Microsoft, and most ironically, the cybercrime ring has lost the privacy of its entire client database to “fellow” hackers.

It sounds like the malicious high-tech reptiles made quite a number of coding-proficient enemies, and slithering their way out of this pickle may prove trickier than all recent DDoS intrusions.

Related: Lizard Squad may have aided and abetted North Korea’s Sony hack

Their website takedown tool-for-hire looks DOA, and this comes after a massive leak of Lizard Stresser’s customer list. This includes the unprotected usernames and passwords of over 14,000 registered clients, out of which only a few hundred seem to have actually paid for and “enjoyed” the service.

Remember, we’re talking a decidedly illegal utility here, designed to bring down a domain of choice for up to twenty days in exchange for as little as $6. Questions about how efficient the “stresser” did its job have hovered around it since day one, but we’re guessing no one will bother to find out now.

If you can’t trust the Lizard Squad to defend themselves from external raids, and protect your data, how can you trust them to deliver on the high and mighty DDoS promises?

Related: Computer security journalist reveals the identities of Lizard Squad members

As far as their legal troubles go, they’re merely beginning and likely set to escalate. In addition to the recent booking made in the UK, two other individuals believed to be part of the squad were picked up. One in the Albion as well, and the second in Finland.

It’s unclear whether they’re still in custody, and the silence of the authorities isn’t particularly encouraging. But the walls are closing in on the Internet vandals that ruined Christmas for gamers. Will they vanish, or will they rejuvenate themselves with new attacks?