All right, it did occur to me I should be including reused addresses which use a hash rather than exposed pubkey. Don't have those numbers in front of me but it does seem likely we'd at least get in your range.
Discussion
Yeah, hard to say exactly, but it's a lot. Enough of the supply that they'd be far too influential going forward.
Also the in-flight "sniped" transactions. The more panic the attacker causes the more congestion, so the longer it takes for transactions to clear, the more chance the lab to snipe transactions in flight. Once they see the pubkey for a big one they run the private key, they get the private key output before it's cleared, they punch in RBF with massive fees from their already stolen supply (anything less than the value of the bitcoin being transferred is profit) and they pick off some big ones. These all add up. A lot of people move their coin out of panic not knowing if their pubkey is exposed or not (not really sure what that even means).
This is why their main goal is to cause panic, chaos and critically massive congestion in the first 3 days. If they can slow it down to hours, they win big. They might also have a plan to pay off miners to slow down the hash rate.
It's actually quite a fun one to game theory out.