In what may or may not be related, the mobile app has been down all day, and it's not clear what is going on.
https://twitter.com/ZippyChippy4/status/1512317919765618689
https://twitter.com/ACR_POKER/status/1512261623347564554
It is very possible that ACR discovered that this breach was via the mobile app, and they've taken it offline until they can fix it. Note in the e-mail posted by that Twitter user above, ACR acknowledges there is "no timetable" for the mobile app's return.
There are also several (reliable) reports of a new procedure in place over the past week, regarding sending a confirmation e-mail to cashier@digitalexchange.eu, when a cashout is requested. I am assuming that digitalexchange.eu is their payment processor.
I doubt this is all a coincidence, and I believe the situation is a lot more complex than a simple "credential stuff" attack.