One thing that I don't see mentioned very often with regards to the last pass breach is that 2fa seeds for their Authenticator product were also compromised and taken. Meaning not only could the attackers gain access to passwords, if you were using last pass for 2fa they had that as well.