RM sends our SEO report to a hacker

Congratulations on your great tool and work; it’s been very useful.
BTW I am the owner of the email accounts [redacted] and [redacted], our subsidiary organisation, which is used in the screenshot below.

I today noticed an issue where RankMath (free version) was sending the monthly SEO reports to a previous Owner on our Google Search Console account. The problem is that this email ( [redacted] ) is associated with a hacker who inserted themselves as an Owner on our Search console back in November 2021. I found out today because the reports are sending through our plugin, from my email address. While we got the attack under control in early December, I just found that two SEO reports were sent to the hacker email in early January and early February.
It seems to me that RM did not itself update the list of “members”/users to send the email reports to, and it must be using the ones from Search Console, as this email was never a user on our website.
I just disconnected from Google and then set up the connection again, hoping that RM will now use the latest list of Owners to send email to.
I hope you can fix this for RM to update the users to send reports to regularly, especially for the free plugin, where you cannot update that list.
Let me know if you have any questions, and I can send you more detail.