Kid gets busted for pointing out flaws in school system

[johnlowry at gmail.com (John Lowry)]

http://timesunion.com/AspStories/story.asp?storyID=732745

The article does not go too deep into detail about what exactly 
happened. It sounds like permissions were allowing a student to access 
an employee file with sensitive data within it, DL numbers, SS#s, etc. 
The student then emailed his principle "saying he had the database." Has 
it how? Like he can access the file or has a copy?

Apparently the student used two passwords, perhaps another student's, to 
access the info. This something that should be looked at and is almost 
for sure a violation of policy, but looking around into what files he 
had access to? I dunno it sounds like the kid pointed out a bad 
situation and got in trouble from it.