[Urgent] Tenant locked out — only Global Admin (PII ) MFA tied to former employee’s Authenticator/phone. Request Tenant Access Recovery and MFA reset

Question

Hello, we urgently need assistance because we are locked out of our Microsoft 365 tenant. The only Global Administrator account is inaccessible due to MFA being registered to a former employee.

1) Issue summary

• Admin account: PII

During sign-in, the only available verification methods are:

Microsoft Authenticator app approval

  **SMS text message**

  
     **Phone call**

     
     The Authenticator device and phone number are registered to a former employee who has left the company. We no longer have access to that device/phone number and cannot contact them.

     
     As a result, we cannot sign in to Microsoft 365 admin center / Microsoft Entra admin center to change authentication methods, reset MFA, create/modify admin accounts, or assign roles.
```### 2) Key fact (why recovery is required)

We **do not have access to any other admin account** in the tenant (including Global Admin, Authentication Admin, or Privileged Authentication Admin).

Therefore, there is **no internal administrative path** to reset MFA or regain access.

### 3) What we request

Please proceed with the official **Tenant Access Recovery** process to restore tenant access by either:

   **Resetting/removing the existing MFA methods** (Authenticator/SMS/phone) for **PII**, and/or

```sql
  **Assigning a new Global Administrator** to the current administrator after verification.

  
  Please advise the required **ownership verification steps and documents** (e.g., DNS TXT record verification, billing/subscription details, business registration documents, etc.). We can provide these immediately.

  
  After recovery, please share best practices to set up a **break-glass emergency admin account** to prevent recurrence.
```This is urgent, so we would appreciate escalation and expedited handling. Thank you.Hello, we urgently need assistance because we are locked out of our Microsoft 365 tenant. The only Global Administrator account is inaccessible due to MFA being registered to a former employee.

### 1) Issue summary

Admin account: **PII**

During sign-in, the only available verification methods are:

   **Microsoft Authenticator app approval**
   
```json
  **SMS text message**

  
     **Phone call**

     
     The Authenticator device and phone number are registered to a former employee who has left the company. We no longer have access to that device/phone number and cannot contact them.

     
     As a result, we cannot sign in to Microsoft 365 admin center / Microsoft Entra admin center to change authentication methods, reset MFA, create/modify admin accounts, or assign roles.
```### 2) Key fact (why recovery is required)

We **do not have access to any other admin account** in the tenant (including Global Admin, Authentication Admin, or Privileged Authentication Admin).

Therefore, there is **no internal administrative path** to reset MFA or regain access.

### 3) What we request

Please proceed with the official **Tenant Access Recovery** process to restore tenant access by either:

   **Resetting/removing the existing MFA methods** (Authenticator/SMS/phone) for ********@iscm.kr**, and/or
   
```sql
  **Assigning a new Global Administrator** to the current administrator after verification.

  
  Please advise the required **ownership verification steps and documents** (e.g., DNS TXT record verification, billing/subscription details, business registration documents, etc.). We can provide these immediately.

  
  After recovery, please share best practices to set up a **break-glass emergency admin account** to prevent recurrence.
```This is urgent, so we would appreciate escalation and expedited handling. Thank you.