Hi, I use the free tier, and was informed by my company the my password was exposed by the site Bitwarden. What I learn about this issue that no password was licked nor I use Bitwarden CLI, is there another incident? I use the flatpak version of the desktop app (Fedora) and the Browser Add-in (Vivaldi).
Hello and welcome to the community 
You’re right — in the Checkmarx incident, only the CLI installed via NPM was compromised and no passwords were leaked. Based on what you’ve said so far, this may not be connected to that incident, so I’ve moved it into a separate thread to give it its own space.
To figure out what happened in your case:
- Can you describe more, or give the exact wording of what your company told you about your password exposure?
- Hudson Rock has a free infostealer breach tool. If you check your suspected email addresses in the tool, does it show anything?
- Have I Been Pwned has a password/email breach lookup. If you check your suspected email addresses there, does it return anything?