Were both new signups?
When the person returns from payment, s2Member sets a cookie in the user's browser, and will look for that cookie when the user registers. If the cookie is missing for some reason, then s2Member won't know it was a paid signup and give him the paid access. It's possible the user paid in one browser and deleted the cookies, maybe a browser add-on did it, or maybe he signed up from a different browser later?
If they use the sign up link from the email s2Member sends after payment, then it's not an issue, because the link includes the access info for the new account, no cookie is needed.
Does that help understand what may have happened in your case?