Submitted by glawgii t3_ztx9k5 in technology
DrQuantum t1_j1g1sy3 wrote
Reply to comment by colonel_beeeees in The Lastpass hack was worse than the company first reported by glawgii
Security is about mitigation. Every company is a target. They will be hacked. It’s about mitigating risk of those hacks. So zero knowledge architecture is what LastPass uses. All of your data is encrypted by your master password key. Even with encryption, they can brute force into your account. The longer and more complex your password, the harder this is.
This hack happened in August. Depending on your password complexity for example, they could still be trying to get in today on just your password.
So password managers still work, and as long as you prioritize best practice passwords or hopefully passphrases, you should mitigate most of the risk to your accounts.
But, you don’t want to take chances and again you mitigate risk by still resetting your password.
Generally, you can trust password managers with zero trust architecture. LastPass has become unreputable over time due to its practices but that doesn’t mean that if implemented correctly you wouldn’t mitigate a lot of your risk.
It’s still way better to have your passwords there than sitting in plain text on your PC, as an example.
iLikeFunToo t1_j1gon05 wrote
Building on this, if your password is 16-18 characters long and has all character types, to brute force your password could take like billions of years (or trillions) with current computing. A good password makes a lot of difference in these cases.