Who this account hacking?

It is not possible to identify or disclose who hacked the account or provide the hacker’s email. Microsoft and community forums cannot see or share that information.

What can be done is to secure and, if possible, recover the account and stop any further misuse:

1. Review recent activity and report activity that is not yours
   • Go to the Security basics page: https://account.microsoft.com/security
   • Select Review activity and open the Recent activity page.
   • For any sign-in or security event that is not yours:
     • If it appears under Unusual activity, expand it and select This wasn’t me.
     • If it appears under Recent activity, expand it and select Secure your account.
2. Treat the account as hacked/compromised and follow the official recovery steps
   • Follow the guidance in How to recover a hacked or compromised Microsoft account. Key steps include:
     1. Scan the PC/phone for malware using an up-to-date antivirus (for Windows 10/11 or 8.1, Windows Defender is built in). Run a full scan before changing passwords.
     2. Change or reset the Microsoft account password using a strong, unique password.
     3. Check account settings (especially Outlook.com) for:
        • Connected accounts
        • Forwarding rules
        • Automatic replies and remove anything you do not recognize.
3. If security info or aliases were changed by the attacker
   • If the account shows “Your security info change is still pending” or “You can’t access this site right now”, follow the options on that screen:
     • Use Cancel this request only if the change was started by you and you still have access to the old security info.
     • Use Let us know if you did not make the change; this starts the “unauthorized change” flow.
   • If you can reach Manage how you sign in, remove any email aliases or sign-in names that are not yours.
4. Use the official account recovery form if locked out
   • If sign-in is no longer possible, use the Microsoft account recovery process described in How to recover a hacked or compromised Microsoft account and Help with the Microsoft account recovery form (linked from that article).
   • Provide as much accurate information as possible (old passwords, approximate creation date, services used, etc.). If the form is repeatedly unsuccessful and all security info was replaced by the hacker, the account may be unrecoverable and Microsoft Support cannot override this.
5. For Minecraft access
   • Recovery of the Microsoft account is required to restore the original Minecraft license that was linked to it. If the Microsoft account cannot be recovered, Minecraft access tied to that account may also be unrecoverable.
   • For additional options regarding Minecraft purchases or accounts, contact Minecraft Support as described in the context.
6. Legal or law-enforcement action
   • If there is a desire to pursue legal action or a lawsuit, contact local law enforcement or legal counsel with any evidence (such as recordings, logs, or emails). Microsoft and community support cannot provide the attacker’s identity or email.

For future protection, ensure security info (alternate email and phone) is up to date, enable strong authentication methods where available, and regularly review recent activity.

References:

• What happens if there's an unusual sign-in to your account
• Help protect your Outlook.com email account
• How to recover a hacked or compromised Microsoft account
• Hello , welcome to Account help & learning
• My account got hacked. - Microsoft Q&A
• My account got hacked - Microsoft Q&A
• Need help with hacked microsoft account - Microsoft Q&A
• my microsoft account has been compromised - Microsoft Q&A
• How do I send an email to Microsoft about my account being hacked and taken over by <removed> ? - Microsoft Q&A