As you know, password attacks have been there for quite some time.
Well, if you are using Azure AD Identity Protection to help you secure your accounts, you now have the ability to have report on the specific password spray attack from the Risk Detection.
You need to use Azure AD P2 to be able to get this report; if you are using Azure AD P1, this will not be available.
To get the report, connect to you Azure AD portal (https://aad.portal.azure.com/) or Azure portal (https://portal.azure.com) and access the Azure Active Directory blade
Then go the SecurityRisk Detections blade – hopefully you should not have to much report
Finally select Password spray as Detection type filter