2 years old, perhaps relevant: https://twitter.com/taviso/status/1167400178912882688

Lastpass is the most widely used password manager.

They've been the target of security breaches in the past and are currently receiving bad press because of a bait and switch they did with users on their free plan.

I'm not sure I'd call reducing the functionality of the free tier as bait and switch. First, you aren't paying anything for that free tier, and bait and switched usually refers to a type of business fraud (which is illegal, btw) in which you are sold one good but then provided with a different good. If you didn't buy anything, and were not asked to buy anything, but were simply provided with less free stuff than last year, it's a bit of stretch, and even a bigger stretch to be so indignant that you are now getting less. Honestly, it sounds pretty damn entitled.

What LastPass did was they removed functionality of a free plan -- functionality which they had for several years (I think over 5 years now) and then decided to remove it, most likely because they thought the marketing value of the free plan was no longer worth the potential sales cannibalization. (I'm not an employee and have no inside knowledge). This is a straightforward business decision that firms do all the time. You can always take your zero dollar business elsewhere.

I wouldn't consider LastPass to be the most secure password manager, and I'm not sure I would recommend them as my favorite, but they are very easy to use, are the market leader, and it is important that they stay in business, as on balance these password managers do improve the overall security of the web.

Yes, I think people should know about this because LP is the most popular one. And it's collecting loads of data. Probably this is the reason why they never open sourced it

This is why I ask. A big target means lots of attention. A small target might have even worse security but no one is paying attention to the same extent.