More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists
If it is cloud hosted then there is always a possibility. Programs like keypass run locally and are only in jeopardy once your system is compromised. The issue with keypass is implementing it for multiple users is probably a chore (never looked into it).