We have now fixed this mistake and deeply apologize for it.
Please verify that you have updated to the current version of Tutanota (3.73.1) and open the contacts view once.
This will make sure that all birthdays of all your contacts are stored end-to-end encrypted. We will automatically purge all birthdays which are stored unencrytped after they have been migrated to encrypted birthdays.
You can check the version of your currently running Tutanota client by clicking on Settings. The version number is displayed at the bottom of the left panel.
As you can see on our encrypted email page, all other data of contacts is encrypted - and now also birthdays again. This means that even if someone had been able to access the data, they would have only had a birthday date - without a name, without an email address or anything else to identify the person.