LastPass security company

This is relatively old news at this point, but the reasoning in your post behind changing your master password is flawed. The master password is used to protect the encryption key for the password vault - where all your various passwords are stored. If the intruders got a copy of the vaults, changing your master password after the fact will have no affect. That will only create a new encrypted copy of the vault stored with LastPass - the old encrypted copy using the master password whose hash was stolen remains unchanged. It would remain vulnerable to offline brute force attack. But because each password has a unique salt (a bit of random information added to a password to defeat dictionary attacks) added to it the intruders cannot brute force every stolen password - each password would take a ridiculous amount of time and computing power to break.

LastPass has more information on the breach here.