Did you actually read the article? The only unencrypted cleartext was website URLs, and while the attacker now has password vaults, they're still protected by your master password: so as I said earlier, if your password has sufficient entropy to stand up to brute force attacks (and you haven't reused it) then you're still "okay".

I agree this is quite bad, and moving elsewhere would be wise. But no reason to believe your encrypted vault has been compromised