Would this type of hack fall under the Computer Fraud and Abuse Act? If so, it seems like an easy case to prosecute (the person committing the act has a financial profit motive, the public would like to see genuine bad actors get punished, etc). Or does the CFAA not apply because this isn't a protected resources?
Maybe it could count as "knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value".[0]
But they only bring out that kind of prosecutorial initiative and creativity, if you downloaded a bunch of academic articles after previously identifying yourself as a bit of a troublemaker (Aaron Swartz). Who cares about some old immigrant's restaurant? OK, enough cynicism for today..
