The breach occurred in late January and impacted 1.2 million accounts, including IBANs, account holder names, addresses, and in some cases tax identifiers.

I’m not familiar with the specifics of the compromise, but I’d think that this would warrant having banks create new accounts for affected individuals, so that at least the IBAN is invalidated.