> what are the odds that someone has been quietly spending 10s/100s of millions in cloud compute to brute force the keys for old wallets?

I've been wondering the same. But in this case it's multiple wallets, so it's very unlikely.