I'm not seeing anywhere that chrono24 and watchfinder were hacked at all (not doubting you, only going on what I can find)
Rather, it seems an affiliate hired for email marketing was hacked.
That's a different level of private information loss--email addresses and names, rather than banking information.
I just want the concern level to match the threat. It would be unfortunate if people are changing their bank accounts when they just need to expect more spam, etc.
Maybe we should ask C24 directly?