Security breach after setting up new computer

Anonymous
2025-04-17T21:17:42+00:00

I set up a brand new Dell Laptop with Windows 11 last night. 3 hours later, there were 4 cases/locations of successful log-ins (attempted hacks) reported in my MSN sign-in activity. Any thoughts on why this may have happened and is there a security problem at Microsoft. I think that signing in and changing my sign in from pin to password on the new laptop caused this breach?

Windows for home | Windows 11 | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments No comments

21 answers

Sort by: Most helpful
  1. quietman7 MVP Alumni 19,820 Reputation points Volunteer Moderator
    2025-04-18T10:29:40+00:00

    You're welcome.

    Passkeys (passwordless authentication) are a replacement for passwords which allow you to can sign into your Microsoft personal account or work/school account much faster. Passkeys are also resistant to and helps protect against phishing attacks, making them a much more secure option. Microsoft has long been a proponent of passwordless authentication (passkeys) for years and other industries are moving in that direction too. Since passkeys are unique to each website or application you don't have to worry about someone else using your passkey to access them.

    Using multi-factor authentication (MFA) and two-factor authentication (2FA) are other options.

    This is the new norm in today's world due to the number of data breaches where large amounts of personal information (including usernames and passwords) is stolen by criminals and published for sale on the Internet. We as users of this technology must take steps to minimize the risk of all sorts of threats, not just Microsoft sign-in attempts.

    Was this answer helpful?

    0 comments No comments
  2. Anonymous
    2025-04-18T01:48:05+00:00

    Thanks, that's what I've been trying to clarify. I still feel that there was some kind of security issue on Microsoft's side that allowed my password to be exposed when I set up the new laptop? I had an extremely complex password, maybe 22 to 25 characters. I could never get my arms around their 2 factor authorization. It does not work well with the phone; the need for a third contact (not your e-mail with Msn, not your phone, but something else. Not fond of the Authentication App. Why can't we just opt for a phone text with a code at every sign in like every other provider out there? Anyway, you have given me some optimistic information .

    Was this answer helpful?

    0 comments No comments
  3. quietman7 MVP Alumni 19,820 Reputation points Volunteer Moderator
    2025-04-18T00:50:09+00:00

    "Resolved Unusual Activity" does not always mean your account was hacked or compromised. It can just mean that Microsoft detected suspicious behavior on your account such as a login attempt from a new location or device, an unusual location or any other action they deemed to be unusual activity. When that occurs, Microsoft will take action to protect your account which could involve temporarily blocking access or requiring additional verification from you. 
     
    As noted in What happens if there's an unusual sign-in to your account

    Quote

    Response to unusuaal activity
    We may have blocked your sign-in if you're using a new device, if you installed a new app, or if you're traveling or in any new location. This security measure helps keep your account safe in case someone else gets your account information and tries to sign in as you.

    If your account was locked, follow the instructions on the sign-in screen to unlock it. That requires you to ask Microsoft to send a security code and when received, use it to access your account.
     
    If you get an email about unusual activity on your Microsoft account, or if you’re worried that someone else might have used your account you are directed to check your Recent activity page as instructed in Check the recent sign-in activity for your Microsoft account support article.

    Was this answer helpful?

    0 comments No comments
  4. Anonymous
    2025-04-17T22:33:21+00:00

    Thanks for the reply. Understood, I guess I was not clear. These were successful sign-ins. Two were reported as "resolved unusual activity", and two were "sign in blocked (account compromised)". I'm trying to understand what resolved unusual activity means. Were they blocked before complete entry, perhaps because MSN requested a code (I do not have 2FA) but they do request codes for unknown devices? I ran scans, changed my password and have not seen anything suspicious. Why would 4 happen right after my new computer set up? Very strange. I'm hoping they got past the sign-in but were blocked into the account. I do not see any unfamiliar devices listed, I believe they appear when signing in from a new device?

    Was this answer helpful?

    0 comments No comments
  5. quietman7 MVP Alumni 19,820 Reputation points Volunteer Moderator
    2025-04-17T22:15:36+00:00

    Multiple unsuccessful sign-in attempts from multiple locations all over the world are not uncommon. HackersBotnetszombie computers are known to constantly scour the Internet, randomly searching (scanning) for vulnerable computer ports, user accounts, passwords, emails and make make repeated attempts to access them.
     
    When Microsoft notices a sign-in attempt from a new location or device, they help protect the account by sending you an email message and an SMS alert as noted in What happens if there's an unusual sign-in to your account
     
    As long as these attempts are unsuccessful, an attacker will not gain access and your account remains safe (uncompromised). If you think someone has accessed your account, check your Microsoft account's recent sign-in activity page. If there is any unusual activity, change your Microsoft account password to protect your account.
     
    To increase your security and minimize the risk of account compromise and identity theft, use strong passwordspasskeysmulti-factor authentication (MFA) and two-factor authentication (2FA). You can also create a new alias (nickname or moniker) to disguise yourself with a new identify while using your primary account which can further minimize the risk against hackers.

    Was this answer helpful?

    0 comments No comments