Yes, indeed, a wildcard does provide some privacy through obscurity, as it masks all actively used subdomains in both the cert and the DNS records.
We looked at acme, but at the end of the day, we’ve been using certbot, which was the official Let’s Encrypt client, from the start, and it is so entrenched in our automation that it would take a lot of effort to switch to something else for little gain. And official vs. third party is a big consideration in this case.