A German court has charged a programmer investigating an IT problem with hacking and fined them €3,000 ($3,265) for what it deemed was unauthorized access to external computer systems and spying on data.
It looks like the charges are from using the credentials they found not just for finding them. It's definitely a crap charge because logging into the DB exposed the wider issue of being able to access other customers records.