I don't know much about this story and certainly don't condone the behaviour, but from the article it seems all he was doing was abusing the password reset system offered by the service providers, which as anyone reading hacker news will know is a very flawed security model (I use random data for answers when they force security q/a). Not exactly high level hacking (it's no firesheep session hijack for example) so seems a bit harsh considering. Surely this is really an issue of a very bad security hole being abused, more responsibility should be directed to the email providers to get better with their security. Again not saying such behaviour should go unpunished, he deserves jail time certainly, but this should also be a clear signal that service providers need to get more serious about security and take more responsibility.
edited for clarity.