If the hack of LastPass happened yesterday, sure, but it happened months ago. There are a variety of different attacks that could be executed in that time, and the sooner the attacks are executed, the better — because less time for credentials to be rotated.
I find it implausible that the first hint of vault compromise comes 4 months after the hack and is against a low value cryptocurrency wallet. Especially considering that when LastPass first had issues, there were dozens of people reporting personal experiences of it here on HN — if LastPass vaults are compromised, the internet would be flooded with reports.
I largely agree with you, however it may also be the case that the attackers have been working on cracking vaults quietly since the hack and the announcement made them go after everything they had cracked so far instead of continuing to work quietly. They might have decided the crackable vaults don’t rotate credentials within them often, but it becomes much more likely after the announcement.
I find it implausible that the first hint of vault compromise comes 4 months after the hack and is against a low value cryptocurrency wallet. Especially considering that when LastPass first had issues, there were dozens of people reporting personal experiences of it here on HN — if LastPass vaults are compromised, the internet would be flooded with reports.