Hi,
Maybe the damage is not too bad and the users that have the transaction wrongly assigned to them did not execute them? You can check by looking at the STAD data (and/or Sm20 audit log if this is activated).
A standard overview with this kind of useful information is not (yet?) available as far as I know. But you can combine table/report output and create a customized report like Patrick's example. Or use tooling that are available on the market for Security concept audits/analysis.