Judith Ray, Catawba’s chief technology officer, told the Winston-Salem Journal that one of Google’s Web-scanning robots hacked into a secure server and posted the personal information online.
I'm pretty confident in Google's claim that the charge is total "hogwash." It's easy enough to check the logs of web server and see what these search engines are doing. There's also the robots.txt file which they all seem to obey (the file specifies what not to search).
I have some colleagues, though, who found a draft of an as-yet unpublished paper some competitors were working on through Google. Apparently these competitors were either unaware the paper was in a directory being served by a web server or otherwise thought search engines wouldn't find it. No hacking involved though.