No doubt, the LastPass hack was bad, but it's far worse for one group of users than another. Some of LastPass' users only use a user name and password (in other words, something you know). Another group of LastPass users add to that a multi-factor authentication mechanism that will only unlock an account when in possession of an unlocking device or code (that's something you have).
Let's break that down a bit more. LastPass offers a number of different second factor authentication methods. These methods, whether a USB key or a smartphone app, require users to not only enter the user name and password, but also a one-time identification key.
That extra authentication factor is a lock-block to hackers. Let's say a hacker in Romania (yes, I'm just randomly picking on Romania) finds out your user name and master password as a result of this breach. All he needs to do is enter that into LastPass and he has access to all your accounts.
But now, let's say your account was set up to also use Google Authenticator or another second factor of authentication. Even if the hacker has your user name and password, he has no way of knowing your multi-factor authentication code because it's tied to your smartphone and only exists for a short period of time. The hacker is completely blocked.
So, let's make this clear: user name + password + hacker = pain. User name + password + a second factor of authentication + hacker = no joy for the hacker.
Before I sign off from this little note, here's a video from the always-helpful Patrick Norton and Shannon Morse taking you through the process of setting up LastPass with Google Authenticator. Watch it. Note: the LastPass section starts at timestamp 16:34. The clip below should start there, but if not, you can scroll on in (unless you want to watch some fun stuff about quadcopters).
No excuses. Everything that's important to you online depends on your willingness to learn how to set up and type in a little code. Do it!