Lastpass — another breach?

Just wanted to spread the word, in case any Lastpass users haven’t seen this Arstechnica article that dropped today.

Yikes. Or rather, I think this amounts to another issue, not previously released? Quite frightening how far malicious parties appear prepared to go. Seems an employee’s home system was breached, and a company vault was accessed.

Anyone more clued up than me that can comfirm how serious this is?

This article is about one of the same breaches we already heard about, but it’s reporting that the breach went longer and further than previously reported, and it describes some scary security vulnerabilities and practices in this LastPass employee’s home office that could easily lead to another breach if not addressed on a company-wide, cultural level.