The Computer Fraud and Abuse Act of 1984, 18 U.S.C. §1030, which has been frequently amended, makes it illegal to knowingly access a computer without proper authorization, or in a manner that exceeds authorization, (i) in order to gain certain statutorily defined information or (ii) that is used by a financial institution, the federal government or in interstate or foreign commerce or communication.
In addition, the statute prohibits the access of a protected computer in order to commit fraud or obtain something of value, cause damage by knowingly transmitting harmful items, traffick in computer passwords, or engagw in extortion by threatening to damage a computer.
In certain instances, the statute provides for a private cause of action for damages or injunctive relief.
A good overview of the CFAA can be found here.