![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 45%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Identity Manager
A tool for managing user identities, credentials, and access across on-premises and cloud environments
Yes, recovery is sometimes possible, but only through the official self-service process. Follow these steps:
- Secure all devices first
- Because a keylogger was involved, clean every device used to sign in to this account.
- Run a full antivirus/malware scan on each device. If using Windows 10/11, ensure Microsoft Defender is enabled and up to date, then run a full scan as described in the hacked-account guidance.
- Do not attempt account recovery again until devices are clean, otherwise the attacker may capture new passwords.
- Use Microsoft’s hacked/compromised account flow
- Go to the official hacked-account recovery guide and start the Sign-in Helper: How to recover a hacked or compromised Microsoft account.
- The Sign-in Helper will ask for the email/phone and then:
- Offer self-help (password reset / security checks), or
- Offer a path to talk to an agent if available.
- If the sign-in email was changed
- If the attacker changed the primary alias/email, use the account recovery form via the Sign-in Helper.
- Provide as much accurate information as possible (old password, devices used, approximate creation date, subject lines/contacts, etc.).
- If the system reports that the account “does not exist” or recovery fails and the security info has been fully replaced, there is no alternative manual override for consumer Microsoft accounts, as confirmed in similar cases.
- If access is regained
- Immediately change the password to a strong, unique one.
- Turn on two-step verification (MFA) and add multiple security methods (phone, alternate email, authenticator app).
- Review and fix security settings:
- Check Security basics → Review activity and mark any sign-ins that weren’t yours, then follow the prompts to Secure your account.
- In Outlook.com, check Rules, Forwarding, and Automatic replies for anything suspicious and remove it.
- Sign out of all sessions and remove any unknown devices or app permissions.
- If recovery ultimately fails
- If the official recovery form and Sign-in Helper cannot verify ownership, Microsoft Support cannot bypass these automated checks for consumer accounts.
- In that case, create a new Microsoft account, secure it with MFA from the start, and notify contacts that the old account was compromised.
References:
- How to recover a hacked or compromised Microsoft account
- Hello , welcome to Account help & learning
- What happens if there's an unusual sign-in to your account
- Help protect your Outlook.com email account
- My personal hotmail account hacked by hacker with authentication app enabled. - Microsoft Q&A
- Cannot Access Microsoft Account After Hacker Changed Email, Advice Needed - Microsoft Q&A
- hello my email was (Moderator note: PII removed)@icloud.com and now its (Moderator note: PII removed)@jerkoffmail.com can please someone help me and the team change it my username in xbox is (Moderator note: PII removed) please help me team and change it - Microsoft Q&A