anyone with a copy of the blockchain can mount a large-scale offline dictionary attack to recover them. Research as well as real-world precedent has repeatedly shown that a non-trivial fraction of users are incapable of choosing passwords resistent to offline-attack even when password complexity requirements are enforced

They didn't claim to crack any hashing algorithm. A dictionary attack simply goes through a dictionary of possible passwords and tries each one until it finds a matching hash. Might want to reconsider that 0.5% chance.