At this point, it's not really a technical matter - it sounds like there was a hole in NGP VAN that a child could walk through. I think all that really matters is intent, and that's always hard to judge. Uretsky had a very strong motive for proving to the DNC that there was a security flaw - if he could access the Clinton campaign data, then the Clinton campaign could just as easily access the Sanders campaign data. Then again, the searches that senior DNC officials leaked did not look like simple proof-of-concept searches, those appear to be targeted to benefit the Sanders campaign. It really boils down to whether you're willing to assume goodwill on someone's part and there's evidence both ways.
It mostly just chafes my ass that this whole thing could have been avoided if somebody at NGP VAN had written an integration test. Good job, guys.
I'm still catching up on this story, but from what Im reading, there's way more evidence going one particular way if you consider the search inquiries and the fact that access to Hilary's data was passed on to multiple accounts/staffers.
It's going to be a reach to claim the intent was noble here.