LastPass Hacked: Time to change your master password

bill

12:54 am on Jun 16, 2015 (gmt 0)

https://blog.lastpass.com/2015/06/lastpass-security-notice.html/

LastPass Security Notice

We want to notify our community that on Friday, our team discovered and blocked suspicious activity on our network. In our investigation, we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed. The investigation has shown, however, that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.
...
We are requiring that all users who are logging in from a new device or IP address first verify their account by email, unless you have multifactor authentication enabled. As an added precaution, we will also be prompting users to update their master password.

The suggestion is to wait until LastPass sends you an e-mail and prompts you to change your master password.

Although this is a somewhat worrying event, I'm not too concerned about the contents of my password database, as it's an encrypted blob and I've limited access to my account to only a few trusted IPs. Everyone should also have two-factor authentication turned on.

mikhailblaze

9:17 am on Jun 17, 2015 (gmt 0)

Good thing I'm not using LastPass. Man, news articles like these really put a damper on everyone...

bill

9:17 pm on Jun 17, 2015 (gmt 0)

Not sure you understand the situation. Heavily encrypted hashes of master passwords may have been accessed (LastPass doesn't know your password). As a precaution, they're advising people simply to change their master passwords. Even if you ignored this advice, it would be extremely difficult for anyone to crack what might have been accessed.