The University Hospital of Leuven filed an complaint against the hacker to penetrate a server on their network (there is some discussion about the impact of the stolen data) based upon the law against computercrime.
We would like to warn any computer- or securityexpert to refuse any question from any journalist to test or penetrate into any network or server in Belgium without having the written consent of the legal owner of that network or server. In that contract has to be mentioned what could and what shouldn't be done and what would be the channels of communication and the different tests that will be executed.
I had this question different time and I always refused them. Journalists always thought that when they had me in Camera they could ask me to do things that were illegal but looked exciting.
But you don't have to hack to proof that there are many vulnerable networks in Belgium, even with medical data. (but in fact it was not medical data from real patiënts but from a medical department of the university where files from a testgroup in an experiment were not enough secured (encryption anybody ?)