Yeah, all things considered this is a good case of proper segmentation, working security controls, and good incident response & crisis communication. Compare this to LastPass to illustrate the difference in how it was handled.
Heh, I joined a company that used 1Password. Loved it. I set up a personal account to replace my use of browser built in password management.
The company got acquired and the acquirer replaced it with their corporate solution, LastPass.
Then the LP breach happened and they switched to Keeper. Still prefer 1Password.
No user data was accessed and even if it had, through the use of the very high-entropy recovery code, it wouldn’t have mattered. 1Password continues to be The Good People™️