It seems like one of the hit ISPs (KPN) actually is part of MANRS. Shouldn't that have protected them and their customers?

I don't think so. When you're in the middle and neither the source nor the destination of a route implements MANRS, there is not much to protect/verify. MANRS does protect you from becoming a leak, among other things. (I am not a total expert on routing, so please take this with a grain of salt)