I'm more worried that this so-called solution suggests that any old password manager will do. In the light of agencies in a certain country being evidently simply above the law (insofar that clear and pretty egregious breaches of the law have quite simply zero consequences) I would venture that you really have to consider where something is hosted and who hosts it before you trust it (if they use Gmail, you can generally assume they're actually not that hot on security).
This is also why I don't use the OSX cloudy keychain facility. Safari now automatically suggests a random password as soon as it sees an account setup, but I keep that local. The only syncs I have of security facilities are SecureSafe (where I have a few passwords that need to survive me, so it has inheritance enabled) and OTP Pro, and the latter I do via a file, not via its iCloud mechanism (OTP Pro is like Google Authenticator, but more useful/flexible in a number of ways).
What this leak demonstrates, however, is that occasionally changing your passwords really is a good idea because leaks can emerge FAR later.
The real problem, however, is that passwords alone are no longer a good answer. Given how easy it is to install a simple One Time Password mechanism that is based on set of clear, open standards (RFC 6238 and RFC 4226) the only barrier is setting up the customer support process - we're not exactly short of client software. That should IMHO be standard for anything sensitive.