This isn't how the BLE or NFC system works. Has anyone had their R1T lifted by a crook using this method? I don;t think so.
Did you read the paper linked in the article? The whole point of the attack is that it is based
exactly on how BLE works. The NFC cards are something different, and the fob may also be some other sort of radio, too. Phone-as-key could be vulnerable to this sort of attack, but for the reasons outlined in the paper it would still take a pretty concerted effort to pull off.
R1T owners who have enabled phone-as-key have complained about how the car locks and unlocks when they are walking around their house. I could see Rivian releasing a feature that disables or "quiets" phone-as-key when the car is parked at a known location like home or office. Doing so would also mitigate the attack described in this paper.
As far as Tesla goes their BT key fobs were VERY vulnerable because they had made a cascading series of poor decisions regarding security that made it very easy to steal (at least in theory, who knows how many were actually stolen that way). Given the publicity around the Tesla vulnerabilities, I would expect that Rivian learned those lessons and that their implementation is more secure at this point.