Hi @Noisy-6527 • Thank you for reaching out.
Based on the information you have provided in your question, I understood that you encountered a successful sign-in event, for an MFA-enabled user account, from a new device in a different country without performing 2nd-factor authentication. Please correct me if I misunderstood it.
If this is the case, please check if you have enforced MFA via a Conditional Access policy. In a conditional access policy, you can use the below option to include/exclude specific countries based on which MFA will not be triggered for the countries which are not in the scope of the policy.
In the above example, all users who are added to the CA Policy will be required to perform MFA for the Cloud Apps included in the policy with an exception for the country France. This means, the policy won't apply to users signing in from France and MFA won't be required. They can simply supply their Username and Password for successful authentication.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.