Your bank account and routing number are printed on every single paper check. There is no way that they were intended to be or can expected to be "secure" or private.
They are indeed meant to be private!!! In SPITE of being on the checks! Checks are supposed to be handled like confidential/sensitive documents! It's a big nod-and-wink scheme, kludged so bad that some localities have laws against disclosure of such numbers - just to work around the holes in the system in hope of discouraging at least local small-time fraudsters.
Elsewhere in the world, businesses put their account numbers on their stationery and websites. In the U.S. you don't do it, because anyone can use the routing number and account number to do an electronic funds transfer withdrawal from your account. Some accounts, say like the ones used for payroll payments, go through special processing where the combo of account+check number is a one-time thing, and is randomly generated and thus unfeasible to guess in advance. Also the payment amount is treated as part of it, so unless you know the entire quadruplet of the data (routing+account+check#+amount), your withdrawal will be denied. That's a rarity, though, not the way everyone's accounts are set up.
It'd be no biggie to have even private checking accounts set up so that unless you pre-authorize a check, it won't be honored. Yet I don't think any bank offers that for regular consumer use.