Yes. A service member can be prosecuted for improperly accessing records even if nothing was changed, deleted, or damaged. Many people assume that a computer offense requires sabotage, a planted virus, or some visible harm to the system. Under military law, that assumption is wrong. The act of reaching into a government system without authorization and pulling out information can itself be the crime, regardless of whether a single byte of data was altered.
The governing statute: Article 123
When the Military Justice Act of 2016 took effect on January 1, 2019, Article 123 of the Uniform Code of Military Justice was rewritten to address offenses concerning government computers. The current statute, codified at 10 U.S.C. 923, defines three distinct ways a person subject to the code can violate it. Reading them in order shows precisely why alteration is not required.
The first prohibition reaches a person who knowingly accesses a government computer with an unauthorized purpose and by doing so obtains classified information, with reason to believe the information could be used to the injury of the United States or to the advantage of a foreign nation, and then communicates or transmits that information to someone not entitled to receive it. This is the espionage-flavored variant, and it involves both access and onward disclosure.
The second prohibition is the one most relevant to the question of access without alteration. It reaches a person who intentionally accesses a government computer with an unauthorized purpose and thereby obtains classified or other protected information. Nothing in this provision requires that the data be modified, deleted, or harmed. The wrongful act is the unauthorized access coupled with obtaining the information.
The third prohibition reaches a person who knowingly causes the transmission of a program, information, code, or command and thereby intentionally causes damage without authorization to a government computer. This is the variant that does require harm, but it is only one of the three theories, and the government is not limited to it.
Why alteration is not an element of the access offense
The structure of Article 123 makes the point clearly. Congress created a separate, damage-based offense in the third subsection. If unauthorized access always required damage, that third subsection would be redundant. Instead, the second subsection criminalizes obtaining classified or protected information through unauthorized access standing alone. The harm the law guards against is the breach of confidentiality and the …