Share via

Account hacked/compromised fully

Nathanael Henry 0 Reputation points
2026-05-28T11:34:24.12+00:00

My account was hacked/compromised through me putting in a verification code from a phishing prompt. After that, I got an email saying my security info was removed, and shortly afterwards, my security info was replaced. Now, when I try to sign in with my original email, it says the account does not exist. Are there any steps to recover this?

Outlook | Web | Outlook.com | Account management, security, and privacy
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Estrella721 38,820 Reputation points Independent Advisor
    2026-05-28T12:17:54.2166667+00:00

    Hi,

    I really wanted to bring you good news, but honestly, if the hacker changes your email address and other information, recovering your account can be challenging, and it may be permanently lost. I understand that this is a difficult situation. You can check the Microsoft article below to see if it can help.

    https://support.microsoft.com/account-billing/how-to-recover-a-hacked-or-compromised-microsoft-account-24ca907d-bcdf-a44b-4656-47f0cd89c245

    Also, please fill out the account recovery form. For the link and instructions, refer to step 3 in the link below.

    Help with the Microsoft account recovery form:

    https://support.microsoft.com/account-billing/help-with-the-microsoft-account-recovery-form-b19c02d1-a782-dee6-93c3-dc8113b20c42

    If none of the steps work, I’m sorry to say that since the username has already been changed to a different one, it means the account has been taken over by the hacker. There is no way to recover it, and it is now unfortunately lost.

    Was this answer helpful?

    0 comments

  2. AI answer

    2026-05-28T11:34:57.2566667+00:00

    If the account now shows “account does not exist” after being fully taken over and the security info has been removed and replaced, recovery is only possible through the official Microsoft account recovery and hacked-account flows. If those fail, there is no further escalation path.

    Follow these steps:

    1. Use the hacked/compromised account guide
    2. Try standard sign-in recovery
      • Go to Recover your account and enter the email/phone/Skype name that was used to sign in.
      • Follow the prompts to receive a security code and reset the password if the account is still recognized.
      • See: My username and password have stopped working.
    3. If the account is not recognized (“does not exist”)
      • Carefully check spelling and domain (for example, outlook.com vs outlook.co.uk, hotmail.com, etc.).
      • If still not recognized and there is another alias or phone number that was ever on the account, try that instead.
      • If the recovery page or ACSR form indicates the account does not exist and does not allow continuing, follow the guidance in Help with the Microsoft account recovery form and the hacked-account article. If the form cannot be submitted or repeatedly fails, there is no alternative manual override.
    4. When security info has been removed/replaced
      • If all security info was removed and replaced, the account normally enters a 30‑day restricted state (“security info change is still pending”). During that period:
        • If the change was not made by the owner, use the options on that pending screen (such as “Let us know”) to report an unauthorized change.
        • If the change was made by the owner and the original security info is still accessible, use “Cancel this request” from that same screen.
      • See: What does “Security info change is still pending” mean?.
    5. If all recovery attempts fail
      • For personal Microsoft accounts, if the hacked-account guide and the Microsoft account recovery form do not succeed, and the attacker has replaced all security info, there is no other supported method to regain access. Support agents cannot bypass or reset security info or send custom reset links.

    Going forward, after regaining access (or for any new account), enable strong security info (trusted phone/email, Microsoft Authenticator, strong password) and be cautious with verification prompts to avoid phishing.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.