I don't know the history of the site, but I have no reason to believe that the owners have tampered with roles and permissions.
I checked the table mdl_user and there is nothing unusual in the record with id=2:
| id | auth | confirmed | policyagreed | deleted | suspended | mnethostid | username | password ...
| 2 | manual | 1 | 0 | 0 | 0 | 1 | admin | [gibberish] ...
Am I missing something obvious?