IP restrictions were enabled for CloudSOC tenant and SysAdmins were subsequently blocked out of CloudSOC.
CloudSoc offers a security feature where the Admin can configure a list of IP Addresses from which the Admins can login to Cloudsoc console. Typically those are the trusted IP addresses that the customer use (egress public address).
If the public IP address entered is not correct, or if the border gateway changes the IP address for any reason, then the admin user won't be able to log in "as expected".
The first thing to do is to reach out to any Cloudsoc Admin in your corporate who can still connect to Cloudsoc via the configured IP addresses (probably on a different corporate location, or in a different region). if that the case, then all they can do is to locate the IP address profile configured and they can either modify the settings or delete it (Settings > IP Addresses) - Screenshot bellow -
If none of the admins can access the Cloudsoc Console via the configured IP addresses then the only way around that is to reach out to Broadcom Cloudsoc Support for assistance.
To do that, open a case with Technical Support and request to remove the appropriate IP address restrictions
The change is verifiable soon after Support performs the correction via CloudSOC backend.