Depend on how easy it is to prove that you did it. For example if you're using 2FA with client specific passwords that all show locked out accounts then it's probable that they could request your access control logs for your 2FA provider.

If only one or two such services were "timed out" then it's going to be harder to prove.