Well, civil crime or not, this clearly falls under the cyber crimes laws.
"Unauthorized access" entails approaching, trespassing within,
communicating with, storing data in, retrieving data from, or otherwise
intercepting and changing computer resources without consent. These laws relate
to either or both, or any other actions that interfere with computers, systems,
programs or networks.
Regardless of the fact that they possessed the password, the managers were not authorized users of the group, and thus have committed a crime.