This is unethical.
First, it takes advantage of a flaw in the old company's system to, in its view, assume a position of superiority, which does not exist. Second, he is committing a flawed act, possibly liable to punishment. The data of a company is confidential, an employee has access when the company trusts and needs, normally it is expected that the person will commit to the terms signed in contract, specific to each position. What he did is unethical and immoral. It is an attack on private property.
In addition, this compromises his reputation in the new job. If he works with ethical people, he can be reported to his new boss who will take the measure of firing him, after all, it is possible that he will do the same in the new company if he has the opportunity.