Risk of attacks when happen will be for new transactions. If yours are old one (1 month+), your fund will mostly be fine. Asssume that such 1-month attack happens, its cost will be about $4,250,952 ($590,410*24 hours*30 days). It is impossible (cost) and also because the community will do react fastly with such attack.
To be fair, 4 million is still not a lot. The assumption is based on the cost of the resources obtained from NiceHash. This means that the pricing is inflated to some extent still. Depending on how long the attack lasts, some of the block reward could also be spendable in the forked chain. The attacker could do more damage with it.
The main caveat of the attack is not how fast the community would respond but with the fact that their ASICs are worthless at that point.
Some casinos (
Bitcasino.io, ie.) allow customers to gamble with unconfirmed deposits but they don't allow to withdraw before deposits are confirmed (1 to 3 confirmations).
It's important to note that most of those casino does implement extra checks to determine the ease of reversing the unconfirmed transaction (ie. non-RBF, high fees, confirmed parent). Some services has been burned from allowing unconfirmed transactions to be credited.