Bank cards are not susceptible
I work in this industry.
It is true that Mifare classic has been broken for a long time and can easily be cracked with cheap readers and open source tools.
What the payment card did wrong in this case is held the balance on the card protected only by the lock keys.
If they had implemented some form of readback and check-at-base like I suspect my local bus company does* then they could match card IDs to wildly changing balances and invalidate the IDs of the cards that are being hacked.
Another layer of security such as combining the current balance, the date/time of last transaction and using the card ID as a salt being pumped into a simple bcrypt routine to produce a validation hash would have also foiled this method.
This sounds like sloppy implementation security around guarding the validity of the balance. Nothing to see here.
Bank cards are a different matter. My bank card identifies itself to my phone as a simple Mifare Classic, with a lot of locked sectors. Nothing unusual. When presented to my cracking tool my bank card thinks about it then starts to return timeouts on the sector probes. On the second run, my bank card times out immediately and refuses to talk to the reader. While the chip structure of my bank card may well be a Classic inside, there is something else in there. There is a guard that is sitting between the RFID interface and the chip that is preventing the repeated probings needed to crack the keys. Your bank cards are safe for a while.
*My local bus company uses Desfire cards, so I haven't been able to check their methods.