Today, not so much. But once the day is here where we have CRQC, if ATProto hasn't yet started using post-quantum cryptography for identities, users are either vulnerable or a bunch of stuff will break once they push a hotfix to make users not vulnerable.
Alternatively, they fix these things now, so once CRQC arrives, it's already not a problem, and no gets compromised nor have to urgently update their software.
DIDs are rooted in ECDSA keys (secp256k1). Each user identity is a non-PQ cryptographic commitment. These ecosystems must start migrating very soon because if CRQCs arrive before they're done, they face a choice between user compromise and bricking accounts.
Alternatively, they fix these things now, so once CRQC arrives, it's already not a problem, and no gets compromised nor have to urgently update their software.