The "forgot your password" page only confirms that whatever information you have entered, is valid information for that user. So if you enter your target's name and email address, it will confirm that there is a user on file with that name and email address -- but if you already had your target's name and email address, you knew that already.
However, the space of PINs is small enough that you can brute-force it, so when you try enough PINs, now you know that your target with that name, is using that PIN. You as the attacker can't actually retrieve the account number, because it will get sent to the email address they already have on file for that user. But now you have their PIN (which quite likely is the same 4-digit PIN they use on other services that require one).