Normally I would agree with you, but given the level of breach suffered here AND the ABSOLUTE lack of transparency by the company, I wouldn't rule it out as an unreasonable concern.

With all the government supported bad actors in the world today the threat landscape has changed. State sponsored hacks designed to cause economic damage are becoming more and more common place. Sites like this are huge targets.

For the home user this is a difficult game but for the enterprise a well designed self-hosted solution (bitwarden for example) is the way to go right now IMHO.

Any of the big "public" cloud options are just too juicy a target. It is fairly trivial to set up your own reasonably redundant manager now if you're a company. The real issue is for the home user going forward. (But most home users have such horrible security posture i suppose it doesn't matter either).