TP: If you can affirm that unconventional things to do, for instance significant-volume usage of OneDrive workload, were done with the app as a result of Graph API.FP: If you're able to verify that application made an inbox rule to a different or personal external email account for authentic explanations.This tends to suggest an tried breach within