How? Even with the password for this user, you could still only gain access to the read-only schema.
Something I should have spelled out - the read-only schema has only the data that the charts need (heavily aggregated views). We basically build with the assumption that the schema will be compromised, but only that one schema.
Without SSL all that data can be observed in transit between your read-only schema and the consuming service. There's very low risk to integrity (i.e. nobody can modify data via read-only methods), but complete loss of confidentiality.
I think it was related to the "with or without SSL". Obviously the data you send can be intercepted without SSL but no other data (and with SSL not even that).