The problem, IMHO, is that selling a password manager is about selling trust. It is okay to have an incident (to some extent of course: "we got hacked and somebody stole our database, which was not encrypted" is pretty bad), but it is not okay to lose trust.
Given how it has been going with LastPass, I don't see how one would still trust them with their passwords.
Given how it has been going with LastPass, I don't see how one would still trust them with their passwords.