![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 69%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYJ%3C/text%3E%3C/svg%3E)
Follow the official hacked-account recovery process and the automated tools; community forums and support agents cannot directly fix or override account security.
- Use the hacked/compromised account guide Go through the steps in How to recover a hacked or compromised Microsoft account. This guide is the supported path when a different email or security method appears on sign-in and access to services like Xbox, OneDrive, and Office is lost. Start with the sign-in helper tool, which will either show self‑help options or offer a way to talk to an agent.
- Clean the PC before changing any passwords Before changing passwords, run a full antivirus/malware scan on the PC to ensure it is not still compromised.
- If using Windows 10/11, turn on and run Windows Defender as described in the article, and perform a full scan.
- Configure the antivirus to update automatically and scan regularly.
- Change or reset the Microsoft account password After confirming the PC is clean:
- If sign-in is still possible to the original Microsoft account, immediately change the password using the link in the guide and choose a strong, unique password.
- If sign-in is no longer possible because the attacker changed the password or security info, use reset your password and follow the hacked-account flow (select the option indicating someone else is using the account).
- Use the Sign-in Helper / recovery form if normal reset fails If normal password reset does not work, use the Sign-in Helper for hacked accounts. It will route to the account recovery form where as much accurate information as possible must be provided (old passwords, Xbox/Minecraft details, billing info previously used, etc.). If the form repeatedly fails, the account is typically considered unrecoverable.
- Review account activity and security settings (if access is restored) Once access is regained:
- Go to the Security basics page and open Recent activity to check for unusual sign-ins. Mark any activity that was not performed as “This wasn’t me” or secure the account as instructed.
- Review and correct mailbox and account settings that an attacker might have changed, including:
- Connected accounts
- Forwarding rules
- Automatic replies
- Remove any unknown aliases or alternate email addresses from the account’s sign-in and security info.
- Add additional secure verification methods To make recovery easier in the future:
- On Advanced security options, Add a new way to sign in or verify (for example, Microsoft Authenticator or another trusted email/phone).
- Ensure all security contact methods are up to date and belong only to the legitimate owner.
- If the attacker replaced all security info If all previous security info has been removed and replaced (for example, the sign-in prompts only show the attacker’s Gmail for codes), and the recovery form cannot verify ownership, there is no supported method to forcefully reclaim the account. In that case:
- Continue using the new Microsoft account that was created.
- Contact Minecraft/Xbox support separately to ask about options for game licenses, but there is no guarantee they can be moved.
References:
- How to recover a hacked or compromised Microsoft account
- What happens if there's an unusual sign-in to your account
- How to help keep your Microsoft account secure
- Hello , welcome to Account help & learning
- Need help with hacked microsoft account - Microsoft Q&A
- My account got hacked. - Microsoft Q&A
- My account got hacked - Microsoft Q&A
- Entraron a mi cuenta de microsoft y cambiaron el gmail y contraseña - Microsoft Q&A