An unknown user created a year ago was automatically added to the newly created AzureAD/365 tenant.

Question

I created a new empty AzureAD/365 tenant and linked an external existing "external-domain.com" domain to it.
After 15 minutes, a new user with upn like "username@external-domain.com" appeared in the tenant in this (external) domain with the creation date 2/12/2019.

This strange user has been automatically issued an "App Connect" license.
There is absolutely nothing in the Sign-Ins, only logins under my account and basic operations for setting up a new tenant.
In the Audit logs I see "Add member to group" event for this user with "Microsoft Teams Services" in Type Application and "User-Agent SkypeSpaces/1.0a$*+" in Additional Details.

What is it and why did this user auto-add happen?

Answer 1

Got answer from MS Support.
It's a known behavior of self-service sign-up, when somebody in the past created Skype or Teams account with email verified.

https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/directory-self-service-signup#terms-and-definitions

As for me, it's looks like the hole in the security... Because you can sell your dns domain, which once had a mail service, on-prem or in another cloud.
Then someone who buys this domain from you will find "new" auto-created active accounts after it is linked that domain to a AzureAD/365 tenant.