by gregsadetsky 1636 days ago
Thanks -- my own case is pretty much identical to yours. My LastPass account was from 2017, and I haven't used it since. I can also suspect a LastPass extension exploit from 2017, i.e. that's maybe how my password was stolen.

(I actually found an email from LastPass dating back to 2017 where they were confirming that a vulnerability with their extension had been fixed. The subject of that email is "Security Update for LastPass Extensions" and it dates back to March 31st, 2017.)

I also agree with you that the attackers may have been hoping this time that some people would click the email link by mistake.

What's most baffling to me are the 3 independent reports of people changing their passwords, and getting the "Someone just used your master password" emails again i.e. the same attackers that attacked you and me somehow also having access to these new passwords. That can be explained in some ways (those 3 people are currently infected with the same malware) but that explanation seems, to me, very unsatisfying.