As you may know, with Exchange Online you can (and should have) set a policy an outbound spam policy to block users for sending email if they have been compromised.
This has now been moved to the Security & Compliance Center (SCC) in the Alert section
In addition of this move, administrators have now the ability to unblock such users from the SCC portal from the Threat Management\Review section by accessing the Restricted Users option (or access directly using the URL https://protection.office.com/#/restrictedusers)