LastPass was hacked in July 2015. The goal of the attack was to get access to the password vaults Fortunately, even though the attackers got in to LastPass servers, they could not steal user passwords. Why? Because LastPass does not have access to your password vault. Without your master password, the passwords you store in LastPass stay encrypted.
Read more about the LastPass incident in 2015 at https://blog.lastpass.com/2015/06/lastpass-security-notice.html/.