Password managers have been hacked/leaked…see LastPass.

You are facing the same risk in a different form every time you hand it to a waitress or bar tender, swipe it on a payment kiosk (possibly fake), or use the card details on an e-commerce site.