Cit0day Mass Data Breach

The exact API Bitwarden uses is https://haveibeenpwned.com/api/v3/breachedaccount/<USERNAME>?truncateResponse=false&includeUnverified=false (link to code at bottom).

This requires a paid API key to use (if you want to try it yourself).

It is hard to tell where exactly the issue lies (in HIBP or in Bitwarden). Some possibilities include:

  • it is an unverified breach, since the Bitwarden query excludes them (includeUnverified=false).
  • the data in HIBP does not contain the specific email address you are looking up, or something else is missing.
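To test the first possibility directly, here is an added example (not Bitwarden's or HIBP's code) that builds the same endpoint URL with and without includeUnverified and classifies why a given breach is missing from the verified-only view. It assumes the HIBP v3 header names hibp-api-key and user-agent and that a 404 means "no breaches"; the sample responses at the bottom are constructed, not real HIBP data.

```python
import json
from urllib.error import HTTPError
from urllib.parse import quote
from urllib.request import Request, urlopen

# Endpoint quoted in the post; includeUnverified is the parameter Bitwarden sets to false.
HIBP_BASE = "https://haveibeenpwned.com/api/v3/breachedaccount/"


def build_url(account: str, include_unverified: bool) -> str:
    """Build the breachedaccount URL for one account, URL-encoding the address."""
    flag = "true" if include_unverified else "false"
    return (f"{HIBP_BASE}{quote(account, safe='')}"
            f"?truncateResponse=false&includeUnverified={flag}")


def fetch_breaches(account: str, api_key: str, include_unverified: bool) -> list:
    """Query HIBP (paid key required); a 404 means 'not in any breach', not an error."""
    req = Request(build_url(account, include_unverified),
                  headers={"hibp-api-key": api_key, "user-agent": "breach-diagnosis-example"})
    try:
        with urlopen(req, timeout=15) as resp:
            return json.load(resp)
    except HTTPError as err:
        if err.code == 404:
            return []
        raise


def diagnose(breach_name: str, verified_only: list, with_unverified: list) -> str:
    """Classify why a breach may be missing from Bitwarden's verified-only view.
    'present'         -> returned even with includeUnverified=false
    'unverified_only' -> only returned when unverified breaches are included
    'absent'          -> HIBP has no record of this address in that breach
    """
    names_verified = {b["Name"] for b in verified_only}
    names_all = {b["Name"] for b in with_unverified}
    if breach_name in names_verified:
        return "present"
    if breach_name in names_all:
        return "unverified_only"
    return "absent"


# Constructed sample responses (same shape as the real JSON; values are made up).
SAMPLE_VERIFIED_ONLY = [{"Name": "ExampleBreach", "IsVerified": True}]
SAMPLE_WITH_UNVERIFIED = SAMPLE_VERIFIED_ONLY + [{"Name": "Cit0day", "IsVerified": False}]

if __name__ == "__main__":
    print(diagnose("Cit0day", SAMPLE_VERIFIED_ONLY, SAMPLE_WITH_UNVERIFIED))
```

With a real key, call fetch_breaches twice for the same address (once per flag) and pass both lists to diagnose; the result "unverified_only" confirms the first possibility, "absent" points at the second.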