Without knowing anything about LastPass, a few ideas come to mind. First, is your master password only something that exists in your head? Or is it written down anywhere else either digitally or physically. If so, someone may have gained access to that. Did you use the same password anywhere else, ever? If so, it could have been in a database of possible passwords that someone used to try to brute force a copy of your KeePassX file, and succeeded. Also possible liabilities for brute force attacks are using a password that contains some kind of facts or information related to you, such as a birthday, loved one's name, address, etc, etc.
The other possibility that comes to mind is a man in the middle attack of your password was ever sent over the wire with zero or weak encryption, when someone was snooping, like on coffee shop wifi or even a nosy neighbor on your home wifi.
Thanks -- this specific master password was only stored in another, offline, password manager.
The specific password was computer generated, and I have not used it anywhere else i.e. it was only created for this LastPass account.
That's why this (probably) either means that my local password manager has been compromised (catastropic if true) or that the info I received from LastPass is not completely accurate..?
The other possibility that comes to mind is a man in the middle attack of your password was ever sent over the wire with zero or weak encryption, when someone was snooping, like on coffee shop wifi or even a nosy neighbor on your home wifi.