I'd like to point out to users who have 2FA on their LP access and think they are safer, that does not protect the vault in a compromise like this, it only enhances the security of delivering the vault, the attackers here already have the vaults. Vaults are only protected by password.