This is the online edition of The Wiretap newsletter, your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.Last month, Forbes reported that the DOJ demanded that Amazon, Apple and Google provide identifying information, including names and addresses, of all users of a car tinkering app made by Cayman Islands-based EZ Lynk.The government claimed it needed the information as part of a case to prosecute EZ Lynk, which allegedly helped people circumvent emissions laws. EZ Lynk’s lawyers pushed back, claiming the subpoenas amounted to government overreach. At the end of last week, the court sided with the car app maker. In an order, the judge wrote that neither EZ Lynk nor the tech providers would have to provide the DOJ with app users’ personally identifiable information.gettyThat doesn’t guarantee that every EZ Lynk user will remain anonymous in the case. If any turn up in requested communications with the company, they may not be protected, according to the order. The judge also noted that EZ Lynk and government prosecutors will meet over the coming two weeks to decide whether it might be possible to subpoena data on certain users, such as those more active on the app. It’s unclear whether the government would want to subpoena the tech giants again for those details.It’s a win for EZ Lynk customers, whose personal information will now be protected, and may set a precedent that the government can’t demand personal data en masse when many users might be innocent of any alleged crime. Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.THE BIG STORYSOPA Images/LightRocket via Getty ImagesMeta Exposed Data Internally From Its Employee-Tracking ProgramAfter it began collecting workers’ keystrokes to fuel its AI training systems, Meta accidentally leaked the information internally, so employees could see what their teammates had been doing, Wired reports. Meta has now paused the program as it investigates, saying, “We have no indication at this time that any data was improperly accessed by Meta employees.” Stories You Have To Read TodayHackers leaked a trove of documents from Madison Square Garden, among which was a file showing that billionaire Jim Dolan’s entertainment business was keeping tabs on activists who disagreed with its use of facial recognition technology, according to 404 Media.Israeli cybersecurity company Zafran Security found four vulnerabilities in the widely-used open source AI app development platform Dify. One allowed a user to read any other customer’s private AI conversations “without authentication.”Winner of the WeekConsulting giant Accenture has acquired a majority stake in Dragos, a cybersecurity company focused on protecting critical infrastructure like the electrical grid. Accenture also announced the acquisition of two other cybersecurity companies operating in the same niche—runZero and NetRise—which will be brought under Dragos with a “combined business value” of $4.175 billion. Rob Lee, a former NSA analyst who cofounded Dragos, said in a company post there would be no change to day-to-day operations, “except we will get to go faster and with better partners.”Loser of the WeekTwo British cybercriminals—20-year-old Thalha Jubair and 18-year old Owen Flowers—admitted to hacking into Transport for London’s network. The hack caused £29 million in loss and recovery costs, according to the U.K. National Crime Agency. Jubair and Flowers were members of the Scattered Spider hacking group, which also attacked a number of American healthcare companies.More On ForbesForbesNBA Draft Projected Contracts: Here’s How Much Every 2026 First-Round Pick Will MakeBy Hank TuckerForbesForbes Top Creators 2026By Steven BertoniForbesHow Top Creator Dhar Mann Built The Hollywood Studio Of The FutureBy Steven Bertoni