So, I know this is a fairly common issue when an account is initially modified, as in the changes can take up to 24 hours to propagate.
https://support.microsoft.com/en-us/kb/2612821
HOWEVER, our situation is quite extraordinary because the terminated employee had access to an authenticated EAS device for MONTHS. More specifically:
-User employment was terminated on May 6th, 2016
-User account was suspended via AD and Exchange
-User password was reset
-User's file/email data was retained in case the need to review anything had come up
After our CEO had sent out an email with a read receipt request this past week, it became apparent the terminated employee still had email access as a read receipt was received. This is an enormous breach of security and privacy. Has anybody ever experienced anything like this? How could this have happened? Even if the employee somehow was able to acquire/guess the new password, it still should not have worked as the account was disabled. And we've never had this issue before despite following the appropriate termination and suspension protocol. If anybody has any input/ideas/suggestions, I am all ears as we would like to get to the bottom of this ASAP!
Thank you in advance.