I was never able to successfully trigger the false positive last night but I believe the most recent explanation from LastPass is in line with what I have been seeing. Intermittent false positive emails.
Yeah, just saw their new announcement (thanks for doing those tests yesterday by the way!)
I don't know how much to read into their use of "some" and "likely" i.e. "some of these security alerts, which were sent to a limited subset of LastPass users, were likely triggered in error"
I would want to know whether they can demonstrate that wrong passwords were used in this attack. And have an explanation for those users who received the email a 2nd time after changing their passwords.
https://www.techradar.com/au/news/lastpass-accidentally-scar...