Which of the following scenarios would most likely warrant an investigation into potential account compromise due to indications of 'Concurrent session usage'?
After changing passwords, a user experiences a series of re-authentication prompts on their previously authenticated devices
A user logs into a VPN from their home network and then logs into a web application using the same credentials from the same network
A user logs into their email from a new device in their home country a day after logging in from their office computer
A user's corporate email account is accessed simultaneously from a workstation in the company's New York office and a mobile device in Paris