For a hacked personal Microsoft account where the email, phone, and password have been changed and the recovery form is failing, only the official self-service recovery and security flows can be used; support cannot directly reset or override account security.
Follow these steps end to end:
1. Run through the hacked-account troubleshooter
   - Use the official guidance for compromised accounts: it starts from the sign-in helper and guides through the correct path for a hacked or compromised Microsoft account.
   - If still able to sign in anywhere with that account (for example, on a device where the session is cached), immediately:
     - Run a full antivirus/malware scan on the device.
     - Change the password to a new, strong one.
     - Then review mailbox and account settings as in Step 3 below.
2. If sign-in is no longer possible, use the account recovery form
   - Submit an ownership verification request using the account recovery form.
   - Provide as much accurate information as possible (old passwords, subject lines of recent emails, contacts, services used, etc.). The system uses this data to verify ownership.
   - If a previous attempt was rejected for “not enough information,” submit another request with more detail. Results are sent to the working contact email within 24 hours.
   - If the request is not granted, it can be retried (up to two times per day). If repeated attempts fail, the account cannot be recovered.
3. After regaining access, secure the account. Once access is restored:
   - Run a full antivirus scan on all devices used with the account.
   - Change the password again to a strong, unique password.
   - Review and fix account settings that an attacker might have changed:
     - Remove any unknown aliases or sign-in addresses.
     - Check connected accounts, forwarding, and automatic replies and remove anything suspicious.
   - Add secure verification methods (for example, Microsoft Authenticator, trusted phone, or alternate email) and review the guidance on keeping the account secure going forward.
4. If the attacker replaced all security info and recovery keeps failing
   - If the hacker has fully replaced the security info and the recovery form does not succeed after multiple detailed attempts, there is no other supported method to regain access. Support agents are not allowed to send password reset links or change account details on personal Microsoft accounts.