This Knowledge-base article shows you a possible reason of mistake in the records of connections times by M2Web and how to fix it.
Sometimes it can happen that the connection ends later after the logout.
Why is this happening?
It can happen that user is logging on M2Web using main server (m2web.talk2m.com) and connects to a device which is behind another M2Web server (Ex: eu1.m2web.talk2m.com, or sg.m2web.talk2m.com...).
When the user logs out, he does it using main server again. Session logs out is distributed but connection tokens are not which means the token is still present on secondary server.
Idle connection tokens are cleaned every 5min. This explains why the "disconnection" happens after actual log out.
Is there a security issue?
No, the global session is expired and the connection token is therefore useless.
If the customer finds this annoying, then he can simply log in M2Web using sg.m2web.talk2m.com instead of plain m2web.talk2m.com. Connection tokens will be cleaned together with session token.
Check if the PLC discovery feature has been activated on the device during this period, as the cause of using a large amount of data by the configuration is also explained in the linked document.