More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists
It’s encrypted on the client and bitwarden themselves can’t decrypt it (we assume, but there have been audits that seemed to confirm that).
If you want to you can just run your own server then they can’t see the traffic at all.
Who’s we? You probably mean you assume. Bitwarden is open source so an assumption need not be made.