Most SaaS apps allow account to be recovered through mail. If an attacker gains access to a user’s mailbox, he can easily issue recovery requests for all the accounts that particular mail has been registered as a primary or secondary recover mail. Then he may proceed to delete recovery mails to hide his tracks