That was a pretty rapid response from CF though, are we sure they didn't know ahead of today? How long did they have to determine "no evidence" before making a public statement about it?
Any competent operation is continuously monitoring all available signals for signs of breach. All I read into this is that their systems have not identified any IoCs. Doesn't mean it hasn't happened, but, if you're relying on something non-automated to make these kinds of determinations, you're already pretty screwed. Forensics is definitely a thing in cases where there's reason to believe a breach happened, but, it's not the thing that will be used to decide something has happened worth investigating.
Thus, it should take approximately zero actual time to conclude what was stated here.
Thus, it should take approximately zero actual time to conclude what was stated here.