Lastpass has announced that they've seen traffic on their network that they can't account for. At this point, they can't for sure say whether they were compromised, but they've taken several measures to be safe. As of right now, all logins from mobile devices and IPs that you hadn't recently used before this traffic have been disabled. To use those you'll need to change your Lastpass master key. If a hacker had gotten the encrypted passwords, plus the salting formula Lastpass uses, they could theoretically successfully figure out your password by comparing the hashes. Currently, Lastpass hashes a hash and "salts" it to make it more difficult to brute force. They are also going to start requiring 100,000 hashing iterations per passphrase which will make a brute force attack very computationally expensive. I've changed my password, mainly because I use the iPhone and Blackberry apps.