"Hackers" who work for companies to expose security flaws are definitely good, they're helping protect systems, often referred to as "white-hat" hackers. Many companies hire people like these or offer bounties for such people who can find vulnerabilities. One could say that even without permission, people who hack with the intent of demonstrating holes in security or improving a service could be considered good.
However, I don't believe that as firstly, they are breaking the law, and secondly, they are stealing data and invading people's privacy. One might as well break into somebody's house to say their security is bad!
