For anyone seeing this thread with questions as I did. I want to leave my perspective as the process can be mysterious. I was phished in a similar way to OP. Even though I had phishing training, I still let my guard down. I wasn't cognizant, perhaps half asleep.

Dec 28, received a tell about a community event through the forums. I blindly followed the link to see what it was about, it looked like these forums. The thread was indeed looked like a community event and there were multiple replies and updates to the page. In infinite hindsight the attackers went through extensive lengths to setup this phish. I was reading through some of the replies etc. Everything seemed pretty normal, not much looking like bots. It was several years since I've been to the forums, and the URL was similar to the actual forums URL but with a tiny difference. It wasn't obvious until after I tried to login.

It was immediate from the instant I hit login that I had been phished. There were several redirects until it landed me on the EU forums (I'm NA) with a bad one time token prompt. I was in game still at this point, and I got the black screen with the authentication error. It had dawned on me, sinking feeling and all.

I was quick to try to change my password from the launcher's "forgot your ID", it was too late. A token was added to my account (Yes I didn't have one, few years back I lost my phone, was a pain to get removed, still recommend one).

Using the launcher seems like a good Idea, but its very difficult to be fast enough to counter the attack. The phish also had a token field, attackers are advanced enough figure out the next entry on the token. The best counter for Sqex might to add email verify before new token is added as my email was never compromised.

I was on customer service fast. Within ~10 mins I was in customer support chat explaining the situation. The rep unlocked the account enabling login. I saw my characters gil missing and transferred to a different server. So the rep put my account on suspension since it was compromised. There were numerous identity verification steps in there, many password changes. I had read through various other third party forums and these ones that this suspension could take a long time, but for me it was 3 days.

From the lifting of the suspension on Dec 30th I filled out the character rollback form roughly within a quarter day from the lifting. It's only been 4 days since then so I'll update this when the character gets rolled back so there's an account of how long it took me.
I was advised not to play as I would lose progress, mostly stuck to that but have done raids/trials to get experience, passing on all loot as I wouldn't keep it. I created another character and have done some small leveling. I don't know if that character will be affected, I'm ok with it. Just practicing on a class I haven't played in forever.

Well, hopefully its not too long until my follow up on the roll back.