Cyber criminals are very imaginative and find lots of ways to profit from access to one of your employee’s mailboxes.
The first thing they will do is try to defraud you, your customers or your suppliers. If they can find an email in the inbox or sent items which mentions any kind of payment, they will reply saying the payment needs to be made to a different account (their account!)
If that doesn’t work they might try requesting a change to where the employee’s salary is paid.
Their final move (and the thing which normally alerts you to their presence) is to bulk email every email address they can find with a phishing email in the hope of repeating the process again. That final step can cause massive damage to your reputation, especially if one of the recipients falls for the phish and has their mailbox compromised.