We are facing an issue in Exposure Management Identity when calculating recommendation impact for set of recommendations - ‘Enforce MFA in your organization’, ‘Remind your users to change their password’ and ‘Reset passwords of users with risky login activity’.
As a result of the issue, the related Identity findings remain visible and recommendation impact remain same, even after the suggested changes are applied. The Identities page is showing correct user info.
We are working to address this issue as soon as possible.