User has provided xyz access to some SaaS app, now attacker compromises the SaaS app and gains access to user’s data through previously issued authorization
If an adversary compromises an SaaS account integrated with other apps, they can escalate privileges and move laterally to other apps.