Hacker News
by ghosts_ 1292 days ago
I think this gives people a false sense of security. Yes, zero knowledge is extremely useful + cool, and certainly reduces the risk in the event of a breach, but all it really means is that _all_ of your passwords are behind some encrypted blob in the open that would be extremely difficult to decrypt. Not impossible. Certainly any average or even very high-end machine today would have a pretty much 0 percent chance at decrypting the data; it's still out there in the open forever. Imagine in 10 years we have some leaps in quantum computing or discover a flaw in the algorithms used; all a hacker would need to do is go back & decrypt the data to try some credential stuffing attack, etc.

TL;DR is short-term I wouldn't be freaking out if my password manager was hacked, but I would still definitely update all credentials at some point & treat it as an actual breach, and not an "oh no we were hacked but it's okay because zero-knowledge!".

Also, how many times have they been hacked now? Who's still using LastPass?