Until the details come out, we cannot confirm that it is Bitdefender's fault for not encrypting passwords. Remember that the hacker said this himself:
The hacker also said that the data they had access to was unencrypted, “Yes they were unencrypted, I can prove it… they were using Amazon Elastic Web cloud which is notorious for SSL [a form of web encryption]problems.