Anyone online is only as secure as the quality of their passwords and even with a good password they can be vulnerable. I pay for LastPass to protect access to the multiple sites I use. I was alarmed to see reports that LastPass users may be vulnerable. The following explanation offers me some relief and I hope the explanation is accurate. Don’t use a password for a password manager you have ever used elsewhere.
LastPass breaches appear due to credential stuffing.
‘A credential stuffing attack is when hackers take username and password combinations leaked through data breaches and attempt to use them at other online services, hoping that some users reused credentials across different sites.”
https://therecord.media/lastpass-confirms-credential-stuffing-attack-against-some-of-its-users/