Improvement
If your account has 2FA enabled (and you should!), we'll now send you email notifications when an incorrect or already-used 2FA code is entered. We'll also let you know when 2FA has been turned on, and also when it's been disabled (or someone tries to disable it but fails).
2FA on its own is a great way to protect your account, but if a bad actor is at the point where they're able to get your 2FA code wrong, it's a sign that your password has been compromised. If you get an email like this, it's an important flag that you should change your passwords ASAP.