Microsoft Account stolen

Question

Hello , 2 months ago my account was stolen , hacker changed email (i didn't even receive email about change) and added passkey but my phone number is still in the account , but i cant do anything. i even tried contacting support but they said that they verified that this account is mine but they can't change account details. Any ideas what can i do?

Answer 1

Please be advised that Microsoft Support will not be able to assist you with manual recovery, unblock, and escalation for this case, as stated in this article, that they are not permitted to send password resets, access, or even change any details on the account:

https://support.microsoft.com/account-billing/help-with-the-microsoft-account-recovery-form-b19c02d1-a782-dee6-93c3-dc8113b20c42

Lastly, if your email address that has been removed by the hacker is a Microsoft domain, such as Hotmail, Outlook, MSN, Live, it can no longer be linked to any Microsoft accounts again.

You may check this link for reference: https://support.microsoft.com/office/add-or-remove-an-email-alias-in-outlook-com-459b1989-356d-40fa-a689-8f285b13f1f2

Best regards,

Darhyl

Answer 2

Hey there! Nice to meet you!

I'm sorry you are experiencing this.

Since the security info has been replaced by the hacker, I'm afraid there is no other working method to recover the Microsoft account, and Microsoft Support cannot help either.

Moving forward, please check the following link for more information on how to secure your account and help prevent hacking incidents: https://support.microsoft.com/account-billing/how-to-help-keep-your-microsoft-account-secure-628538c2-7006-33bb-5ef4-c917657362b9

Thank you for your understanding.

Best regards,

Darhyl

Answer 3

When a Microsoft account is stolen and the attacker has changed the sign‑in email and security info, options are very limited.

1. Follow the hacked/compromised account path
   • Use the official guide for compromised accounts and follow all steps: malware scan, password change (if still possible), and security review:
     • How to recover a hacked or compromised Microsoft account.
   • If sign‑in is still possible in any way (old device, cached session), immediately:
     • Change the password.
     • Remove any unknown sign‑in methods (passkeys, emails, phones).
     • Check and remove suspicious rules/forwarding in Outlook if used.
2. Use the Microsoft account recovery form (ACSR)
   • If sign‑in is no longer possible, the only supported path is the account recovery form:
     • Go to https://account.live.com/acsr (from context) and submit as much accurate information as possible (old passwords, contacts, subjects, devices, locations).
   • Submit from a device and location commonly used with the account.
   • The form can be retried (up to a limited number of times per day) if rejected.
3. Understand hard limits when security info was changed
   • If the hacker has replaced the security info and the automated recovery form cannot verify ownership, Microsoft Support cannot override or manually change the account details for consumer accounts.
   • This is confirmed in similar cases: when security info has been replaced and recovery fails, there is no alternative method to regain access.
4. If security info change is pending
   • If seeing messages like “Your security info change is still pending” or “You can't access this site right now”, it means all previous security info was removed and replaced, and the account is in a 30‑day restricted state.
   • In that case, it is necessary to wait for the 30‑day period to complete; during this time, notifications are sent to the original security info. If the change was initiated by the legitimate owner, it may be possible to cancel it; if not, there is no manual override.
5. Next steps if recovery is impossible
   • If the recovery form and hacked‑account guide do not restore access, there is no supported way to force changes to that account, even if support has verbally acknowledged ownership.
   • Create a new Microsoft account, secure it with strong password and two‑step verification, and update it on all services and contacts.

For any linked services (for example, Minecraft, Xbox, or Store purchases), contact those product‑specific supports separately to see if they can help with access or migration, but core Microsoft account recovery still relies on the same automated process.

---

References:

• How to recover a hacked or compromised Microsoft account
• What does “Security info change is still pending” mean?
• My username and password have stopped working
• Common problems with two-step verification for a work or school account
• My personal hotmail account hacked by hacker with authentication app enabled. - Microsoft Q&A
• Cannot Access Microsoft Account After Hacker Changed Email, Advice Needed - Microsoft Q&A
• hello my email was (Moderator note: PII removed)@icloud.com and now its (Moderator note: PII removed)@jerkoffmail.com can please someone help me and the team change it my username in xbox is (Moderator note: PII removed) please help me team and change it - Microsoft Q&A
• Entraron a mi cuenta de microsoft y cambiaron el gmail y contraseña - Microsoft Q&A