Hi @Anonymous ,
If you have Inactive/Terminated/Disabled users from AD, when you go to SharePoint Online, you will still see those user accounts in SharePoint site permission list. It is a normal behavior. However, it doesn’t mean the user has access. This is not a security issue, and SharePoint always keeps a record of a user. You may need to delete the user from User Information List(go to http://siteUrl/_layouts/15/people.aspx?MembershipGroupId=0 and delete from there)
For more details, you can refer to this article: How to remove deleted users from SharePoint Online
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.