I would look at it the other way around:
Does knowing the list of users increase the severity of an attackable account lockout mechanism?
Usernames are generally not random but based on people's names, so even without specific knowledge you can enumerate likely usernames (based on a dictionary of common names) and rapidly submit them to trigger lockouts on any that are valid.
A lockout system can and should protect against such attacks, for instance by locking out or rate limiting requests from a single IP address regardless of the username attempted. This only needs to slow the attacker down enough to make enumerating impractical.
Knowing the list of usernames reduces the size of dictionary which you need to enumerate. That might be enough of a boost to make the attack practical, but it depends on how many users you need to target, and what measures the system has in place to slow you down.
Knowing the usernames might also aid you in targeting high-value accounts without triggering other protections, but those usernames could probably also be guessed from public information about key staff members, so again it's a small boost not a radical change in attack.