I personally don't use an online password system, but if I did, LastPass is actually the one I would use. At least they were smart enough to see relatively quickly that their security had been breached and the methods they use to encrypt user data seem as strong as anyone else out there.
Anything connected to the Internet is going to be vulnerable to hacking. Someone capable of hacking into Kasperksy Labs internal network
clearly has the knowhow to hack into just about anyone else's network too. Kaspersky believes that only a state actor (think NSA or their equivalents in China, Russia or Israel) could have mounted the attack on them, but once you have a proof of concept, it won't take long to trickle down to clever hackers in private practice.
I keep my passwords locally in an encrypted database (eWallet), along with a lot of other private information I need to look up from time to time. But I also distinguish between types of passwords needed for different sites. I use the same passwords for a lot of sites of similar nature where I have nothing to lose if it is discovered - think subscriptions, forums, etc. They are easy for me to remember but long enough to challenge the weekend hacker. For anything that might involve money, I use separate and more secure passwords. The important thing is to make them long, not to use weird combinations that you can't reproduce or enter by hand.
An online password manager provides a certain amount of convenience, and probably enough security for most casual use. I just don't think I would trust one with anything really critical.