SEEKING HELP on Phishing attack who used Smarsheet team as sender

Several staff members from our organisation fell for this phishing email, looks like it's from Smarsheet team (see attached Image) so users click on folder link from an email and their account was compromised.

Has anyone else have experienced similar phishing attack as we don't have visibility if this is on a larger scale or our organisation was the only target, what to do if someone fell for it?

Out IT team is working hard to resolve this, any help from Smartsheet community would be highly appreciated.