What email address did it come from, no links in it at all? I would assume phishing attempts that would be coming from a BS email that has a link to either go sign in or change your password which would send you to a site and then collect your entry, thereby gathering your actual sign in info.
That can be compiled into other data over time and eventually whoever purchases or collects it all with have a full set, or immediately have a full set when they try those credentials on other sites that may not have 2 factor set up.
What email address did it come from, no links in it at all? I would assume phishing attempts that would be coming from a BS email that has a link to either go sign in or change your password which would send you to a site and then collect your entry, thereby gathering your actual sign in info.
That can be compiled into other data over time and eventually whoever purchases or collects it all with have a full set, or immediately have a full set when they try those credentials on other sites that may not have 2 factor set up.