Subaddresses are cool but they two unfortunate characteristics: (1) the sender derives a real pubkey from the subaddress and sends money to it (2) if the recipient spends that money, their pubkey shows up again as a member of a ring signature

Chain analysts use that fact to trace monero payments. They have ways to eliminate decoys from the ring signature and, in many cases, identify the real spender, and this privacy flaw has led to several arrests. Lightning fixes it.