If you have a Ledger, just don't use Ledger Live — that itself removes a good chunk of the uncertainty risk.
If only it were that simple, but for those who buy Ledger HW for the first time, using Ledger Live is mandatory for the initial setup of the device, and for those who have been using it before if they want to upgrade the firmware or add/upgrade any coin app. In addition, regardless of which software you use with the device, you still connect to the Ledger servers for every incoming/outgoing transaction, which means that you still take certain risks, at least as far as privacy is concerned.
For anyone who can afford it, it would be wise to find an alternative, or to pretend that nothing has happened and will not happen.