This feature could prove useful in many use cases, an example of which is generating an email alert to a user account who has experienced multiple logon failures. The user may be aware of these events and can ignore them, however they may be not aware and need to take action i.e. still logged on to another computer under an expired password; expired password on a mobile device trying to make regular Exchange ActiveSync calls or; malicious attempts to access their account. An administrator can already receive such alerts, but administrators are also usually overwhelmed with other events.
