two major reasons for 'number of records'
- if security policies are being used which may be restricting number of records
- if record level security is being used, it may not restrict number of records.
apart from above you may have a look at currently assigned roles, if they have access to customer view/maintain and/or appropriate needed security/privilege/duty