A question on device login security

A couple of months ago I had my iphone stolen. I remember seeing the device online on iCloud with a different number and location. My question is: if it’s possible to break the apple face id security is to also possible to break the face id login of bitwarden? Could they somehow have access to all my passwords once they unlocked the phone?

PS: when i asked my carrier to block my phone they blocked only the IMEI and not my phone number.

If FaceID fails on the phone, a pincode must be entered - while when FaceID on Bitwarden fails, the masterpassword must be entered. Quite a difference. Also, you could go to web vault and Deauthorise sessions - if you have 2FA enabled for Bitwarden, that would also help.