Compromised account

Question

I am currently dealing with the aftermath of a major data breach in which many of my passwords, social media accounts, and personal information were compromised. Over the past several days, I have been actively working to secure and restore access to my accounts, and for the most part, I have successfully recovered many of them.

However, I recently discovered that my Microsoft account was also compromised. The attacker appears to have changed the original Gmail address connected to the account, which has completely locked me out of my original Microsoft account. This has made the recovery process significantly more difficult, as I no longer have access to the recovery email associated with the account. I am continuing to work through the account recovery and security verification process in an attempt to regain full access and secure all remaining accounts connected to the breach.

Answer 1

Account recovery is an automated process, even if you can contact Microsoft Support, they cannot recover your account, they will just refer you to the account recovery form.

I wish I had better news,, when a Microsoft account is hacked, if the hackers change the associated data like the Email, then that account is usually no longer recoverable, this forum is just a user to user account and no-one here has any account access, try using the process they provide on this link to recover a hacked account, if this process is not successful, sadly, that account cannot be recovered.

https://support.microsoft.com/en-us/account-billing/how-to-recover-a-hacked-or-compromised-microsoft-account-24ca907d-bcdf-a44b-4656-47f0cd89c245

Answer 2

For a compromised personal Microsoft/Outlook.com account where the sign‑in email and recovery Gmail were changed, only the official recovery and security flows can be used. Community forums and standard support channels cannot directly reset or override account security for personal accounts.

Follow these steps:

1. Use the hacked/compromised account guidance
   • Work through the official guidance for a hacked or compromised Microsoft account: scan all devices for malware, then change passwords and review security settings for any accounts you still control. This helps prevent the attacker from regaining access to other services.
   • See: How to recover a hacked or compromised Microsoft account.
2. Submit the Microsoft account recovery form
   • If the attacker changed the primary sign‑in email and security info and sign‑in is no longer possible, use the account recovery form as the primary path:
     • Go to the recovery flow (linked from the hacked/compromised account article) and complete the form.
     • Provide as much accurate information as possible (old passwords, approximate creation date, subject lines of recent emails, contacts, billing details used on the account, etc.).
   • If the automated system determines that the information is insufficient, the account cannot be recovered; there is no manual override for consumer accounts.
   • For help filling out the form, see Help with the Microsoft account recovery form.
3. If recovery is still possible and you regain access
   • Immediately change the password to a strong, unique one.
   • Review and correct security info (phone, alternate email, authenticator methods) so codes no longer go to the attacker.
   • Check Outlook.com settings for:
     • Connected accounts
     • Forwarding
     • Automatic replies
   • Remove anything you do not recognize.
4. If the account cannot be recovered
   • If the recovery form repeatedly fails and the guidance under Your Microsoft account recovery request wasn’t granted applies, the account is effectively unrecoverable.
   • Create a new Microsoft account and:
     • Update email addresses on other services that used the compromised account.
     • Inform important contacts that the old address is compromised and should not be trusted.
5. If the Outlook.com mailbox is blocked but the account is still yours
   • If the account is only temporarily blocked due to unusual activity (not fully taken over), use the Unblock my Outlook.com account flow via the Sign‑in Helper.

Because the attacker changed the original Gmail and security info, the outcome depends entirely on whether the automated recovery form can verify ownership based on the information provided. If it cannot, Microsoft support cannot bypass those checks for a personal account.

---

References:

• How to recover a hacked or compromised Microsoft account
• Help with the Microsoft account recovery form
• Your Microsoft account recovery request wasn’t granted
• Unblock my Outlook.com account
• What happens if there's an unusual sign-in to your account
• Respond to a compromised cloud email account
• My personal hotmail account hacked by hacker with authentication app enabled. - Microsoft Q&A
• Need help with hacked microsoft account - Microsoft Q&A
• How do I send an email to Microsoft about my account being hacked and taken over by <removed> ? - Microsoft Q&A
• My account got hacked. - Microsoft Q&A
• Entraron a mi cuenta de microsoft y cambiaron el gmail y contraseña - Microsoft Q&A