In small numbers, this often does not bear investigation. In large numbers, check if the access is from a programmatic tool that is misconfigured. If not, validate with the person responsible for the credentials being used that this is expected activity. If not, credentials should be rotated as they may be compromised.