Answer:
Step-by-step explanation:
I can give you my opinion on the matter, not sure if this was taught to you or not so please take it with a grain of salt.
Her actions are highly unethical and even illegal to some extent. Especially in USA, FERPA prevents random people from accessing your educational records without your permission and there's hundreds of universities with their own rules/regulations on protecting students' privacy. The sys admin should have first recorded this event when she reported it and then actually went into the system to see if unwanted access has been done by any user(s). University should look at disciplinary actions since the person willingly accessed the system even after they reported the bug and also let ALL the university student/faculty/staff know of the problem and how they plan on fixing it.
This is only a summary, and this is my opinion. please expand in places where needed.
I found another answer in go.ogle:
I feel the actions of this person were unethical.
The student's action in searching for the loophole was neither definitively ethical nor unethical, as their motives are unclear.
The student's action in continuing to access records for two weeks was unethical, as this is a violation of privacy.
The system admin's failure to correct the problem could be considered unethical, but it is difficult to surmise, as there are not enough details.