Unfortunately, it seems that it isn’t quite as invulnerable as Apple has made it out to be. Passware, a company that specializes in password cracking tools, has recently announced that their latest software can actually be used to defeat the T2 chip and bypass the brute force mitigations that Apple had put into place.
Apparently this is achieved by exploiting a vulnerability in the T2 chip that allows the software to circumvent how many times passwords can be attempted. This means that in theory, attackers would need to apply a password dictionary and brute force their way into the computer and decrypt its data.
However, brute force is all about probability which means that depending on how long your password is and how complex it is, it can take a while before Passware’s software is able to figure it out. Also, it will require physical access to the Mac and it only works on Intel-based Macs, so for the most part, it’s not the easiest hack to pull off, so that’s comforting to know.