Interesting, I tend to worry less about the password store than external password managers. Maybe you are onto something and I should research it further. But the breaches I hear about have all been with external managers. I particularly don’t want anything uploading passwords to remote storage. If I have to share a password between two machines (laptop and phone), I just transfer it manually. Another minor nuisance.
It was gradual rather than sudden, and partly a matter of perception catching up with reality.