My original microsoft account has been hacked

Question

Ive had this account since 2019-20 and the account was recently hacked. It's email was changed as well as the fact that they added 2fa. Completely locking me out of my account. What do I do? None of the automated support is helping me at all. And I really dont want to lose my account

Answer 1

Hi,

If the hacker changed your email address, it is very hard to recover the account, and it may already be permanently unrecoverable. I’m sorry.

Especially if the hacker enabled 2FA, this means the account recovery form may no longer work. You can try the steps below to see if they help: https://support.microsoft.com/account-billing/how-to-recover-a-hacked-or-compromised-microsoft-account-24ca907d-bcdf-a44b-4656-47f0cd89c245

---

If none of the steps work, I’m sorry to say that since the username has already been changed to a different one, it means the account has been taken over by the hacker. There is no way to recover it, and it is now unfortunately lost.

Answer 2

Follow these steps in order, focusing on the official recovery flow. Since the email and 2FA were changed, only Microsoft’s automated recovery can restore access.

1. Secure devices first
   • Run a full antivirus/malware scan on every device used to sign in to this Microsoft account.
   • On Windows 10/11 or 8.1, use Windows Defender:
     • Select Start → search for Windows Defender → open it and run a full scan.
   • Ensure protection is up to date and set to scan regularly.
2. Use the hacked/compromised account troubleshooter
   • Go to the official “How to recover a hacked or compromised Microsoft account” page and select Start to open the sign‑in helper: Start.
   • Enter the email/phone/Skype name of the hacked account.
   • Follow the flow; it will either:
     • Offer self‑help (password reset / security checks), or
     • Offer a way to contact an agent, depending on what the system detects.
3. Try password reset with “someone else is using my account”
   • If you can reach the sign‑in page for the account, choose Forgot my password.
   • When prompted for the reason, select I think someone else is using my Microsoft account and follow the instructions.
   • If you can’t sign in at all, use the reset flow referenced from the hacked-account article: reset your password.
4. Use the Account Recovery form (if normal reset fails)
   • If standard reset and the sign‑in helper don’t work, use the Microsoft Account Recovery form (linked from the hacked-account guide).
   • Submit it from a device and location normally used for this account.
   • Provide as much accurate detail as possible (old passwords, subject lines, contacts, services used, etc.).
   • If a submission is rejected, adjust answers and try again after any lockout period ends; multiple detailed attempts are often required.
5. If you regain access, lock the attacker out
   • Immediately change the password to a strong, unique one: change your password.
   • Review and clean up:
     • Security info (phone, email, sign‑in methods) on the Security basics / Advanced security options pages.
     • Add another way to sign in or verify (extra email/phone/Microsoft Authenticator) so recovery is easier next time.
     • Outlook settings: check connected accounts, forwarding, automatic replies, and rules for anything you didn’t set and remove it.
   • Use Sign out everywhere if needed to terminate all active sessions.
6. If all recovery attempts fail
   • For consumer Microsoft accounts, if the account recovery web form and hacked-account troubleshooter cannot verify ownership (especially after security info was replaced by the hacker), there is no alternative manual override. Support agents cannot bypass these automated checks for security reasons.
   • In that case, focus on:
     • Securing other accounts that used this email as a login or recovery address.
     • Informing contacts that the old address is compromised.

For any future or replacement account, enable strong security early: strong password, up‑to‑date recovery email/phone, and at least one additional sign‑in method.

---

References:

• How to recover a hacked or compromised Microsoft account
• Hello , welcome to Account help & learning
• How to help keep your Microsoft account secure
• My account got hacked - Microsoft Q&A
• Cannot Access Microsoft Account After Hacker Changed Email, Advice Needed - Microsoft Q&A
• My personal hotmail account hacked by hacker with authentication app enabled. - Microsoft Q&A
• hello my email was (Moderator note: PII removed)@icloud.com and now its (Moderator note: PII removed)@jerkoffmail.com can please someone help me and the team change it my username in xbox is (Moderator note: PII removed) please help me team and change it - Microsoft Q&A
• What happens if there's an unusual sign-in to your account