Whitehats are basically people who do what is legal whereas grayhats do what they think is right. For example: Say you are sitting on the toilet and your neighbor comes into your house and takes $10 out of your wallet and leaves. Also, let's say you see him but have no proof. Legally, you cannot break into his house to take the money back. You need to report it to the police etc. Of course, if you have no proof, then there isn't much point in reporting it. I think a lot of gayhats would just walk into their neighbor's house the next time he leaves and take the money back thus avoiding all the red tape.
Regarding what you did... It's not exactly certain because it seems like you kind of did it by accident, at least initially. Generally speaking, you need permission to hack someone. Someone can give you explicit permission or they can give people in general permission. Regardless, if you don't have permission, I believe you are supposed to stop immediately, inform the business and if they don't give you explicit permission, continuing to hack them would be illegal. If you continue, then that would be grayhat hacking. Illegal, not necessarily unethical.
Whitehats are basically people who do what is legal whereas grayhats do what they think is right. For example: Say you are sitting on the toilet and your neighbor comes into your house and takes $10 out of your wallet and leaves. Also, let's say you see him but have no proof. Legally, you cannot break into his house to take the money back. You need to report it to the police etc. Of course, if you have no proof, then there isn't much point in reporting it. I think a lot of gayhats would just walk into their neighbor's house the next time he leaves and take the money back thus avoiding all the red tape.
Regarding what you did... It's not exactly certain because it seems like you kind of did it by accident, at least initially. Generally speaking, you need permission to hack someone. Someone can give you explicit permission or they can give people in general permission. Regardless, if you don't have permission, I believe you are supposed to stop immediately, inform the business and if they don't give you explicit permission, continuing to hack them would be illegal. If you continue, then that would be grayhat hacking. Illegal, not necessarily unethical.