and if the hardware attestation keys are dumped, congrats: the totality of damage you can do is just claim a new authenticator registration originated from a specific model of hardware, that's it. There's no damage in it beyond that from what I'm aware, as it serves no other role.
And if a key is dumped, then the service can just restrict any new authenticator device registrations of that batch/model, versus suddenly revoking all devices registered before the key was leaked (unless the time period of the leak is completely unknown to the span of years).
But yes, whitelist-only is a possible issue, but is unlikely for consumer services.
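
The policy described in the post above, sketched as an added example (not part of the original post, and not any service's real code). The batch identifiers, dates, status labels and function names are all constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional, Set


@dataclass(frozen=True)
class CompromisedBatch:
    batch_id: str                  # placeholder for a model/batch identifier
    leaked_at: Optional[datetime]  # None means the leak window is unknown


# Constructed sample data: batches whose attestation key is known to be dumped.
COMPROMISED = {
    "BATCH-A": CompromisedBatch("BATCH-A", datetime(2024, 3, 1, tzinfo=timezone.utc)),
    "BATCH-B": CompromisedBatch("BATCH-B", None),
}


def allow_new_registration(batch_id: str, allowlist: Optional[Set[str]] = None) -> bool:
    """Decide whether a new authenticator claiming this batch may register."""
    if batch_id in COMPROMISED:
        # The attestation no longer proves the hardware model, so stop
        # accepting new registrations that rely on it.
        return False
    if allowlist is not None:
        # Whitelist-only mode: unknown models are rejected outright.
        return batch_id in allowlist
    return True


def existing_credential_status(batch_id: str, registered_at: datetime) -> str:
    """Classify an already-registered credential after a batch key leak."""
    batch = COMPROMISED.get(batch_id)
    if batch is None:
        return "model-verified"
    if batch.leaked_at is None:
        # Leak window unknown: no registration from this batch can be
        # distinguished from one made with the dumped key.
        return "model-unverified"
    # Registrations made before the leak keep their attested model claim.
    return "model-verified" if registered_at < batch.leaked_at else "model-unverified"
```
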