I didn't think of 2FA as being protection against password reuse. People should still avoid reusing passwords and change them if they know of a breach.
Are there really attackers who are picking up breach databases and then sim-swapping to get the 2FA as well?
I think 999 of those databases are the same data set. I lost a password ten years ago from a blog breach and I get almost a monthly notification about it showing up again and again.
For every leaked database of SMS messages there are 1000 leaked databases of account credentials