What does the term 'compromised accounts' refer to?

The term 'compromised accounts' refers specifically to user accounts that have been breached by unauthorized access. When an account is compromised, it signifies that an attacker has gained access to it without permission, which can lead to data theft, unauthorized transactions, or other malicious activities. This definition is crucial in the context of cybersecurity, where understanding the state of an account is key to maintaining security and mitigating risks.

In various scenarios, compromised accounts can lead to broader security threats, as attackers may use them to pivot to other systems, exfiltrate sensitive data, or perform actions that can severely impact both individuals and organizations. Therefore, addressing compromised accounts is a priority for incident response and security management.

The other options do not accurately capture the essence of compromised accounts. Locked out accounts are a result of security measures to prevent unauthorized access, while accounts with expired credentials or those needing password updates represent a proactive security measure rather than a breach of security.