High Volume Email: Continued support for Basic Authentication & other important updates

We're trying to understand the sign-in logs of our HVE accounts.  Source IPs are not ours, seem to be Microsoft IPs, but from many different geo-locations than the location IP address of where we use the account.  Also, the apps listed is not clear.  Hopefully my attached image will come with this post where it shows signed in apps SmtpBasicAuthApp and Office 365 Exchange Online, sometimes at the near same point in time, but sometimes just 1 by itself.  And then occasionally there is app TEST-SMTPBasicAuthApp that gets logged.  These 3 apps seem reasonable considering the purpose of HVE, and still in a preview test phase.  The question is, if ever we see an HVE account logging into any other app, then does that mean the account is compromised?  Is there a way to determine our source public IP of an HVE sign-in, for those HVEs we use at multiple locations with their own internet point of presence?  The attached screenshot is for 1 of our HVE accounts used at 1 location.  Thank you.