Share via

My Son's Account was hacked and Hi-jacked.

Alesha Bowens 0 Reputation points
2026-05-27T01:30:26.7133333+00:00

My Son's Account was hacked and Hi-jacked. They changed the password and the recovery email address. His friends confirmed it was hacked, because the bad actor logged into Minecraft and chatted with his friends indicating **hacked in the chat. What do I do?

Microsoft 365 and Office | Microsoft Family Safety | For home | Windows
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. paulr0511 45,145 Reputation points Independent Advisor
    2026-05-27T02:55:58.0366667+00:00

    Hello, good day and thanks for your question. Sorry to know about this and I understand that you have encountered an account related issue.

    Please take note that a compromised account is a complex scenario and once the email and phone number has been changed to a different one then it is at the point that it is unrecoverable (even if 2FA is enabled) and Microsoft Support will not be able to help either.

    For this you can go over to this link https://go.microsoft.com/fwlink/?linkid=2196140 and most likely it will be followed by doing the account recovery form which is an automated process that you will need to enter every bit of information that you can remember on the account (if this is unsuccessful, the account cannot be recovered) and you can check out the links below for reference.

    https://support.microsoft.com/en-us/account-billing/how-to-recover-a-hacked-or-compromised-microsoft-account-24ca907d-bcdf-a44b-4656-47f0cd89c245

    https://support.microsoft.com/en-us/account-billing/help-with-the-microsoft-account-recovery-form-b19c02d1-a782-dee6-93c3-dc8113b20c42

    https://support.microsoft.com/en-us/account-billing/your-microsoft-account-recovery-request-wasn-t-granted-dc56c3e3-dff0-4ed5-8edb-60290eea6b53

    Please take note that if 2FA is enabled on your account, ACSR will inform you that your recovery request will be ignored and you will only receive a message that the recovery request is either successful or it will indicate that it has insufficient information and this means that 2FA is disabled. You may keep on trying as many times as you want which is up to two times per day.

    Please take note as well that Microsoft Support will not be able to assist with doing manual recovery, unblocking, and escalation as support agents and advocates are not allowed to send password reset links or access and change account details.

    Was this answer helpful?

    0 comments

  2. AI answer

    2026-05-27T01:30:50.0666667+00:00

    Take the following steps immediately to secure and, if possible, recover the account.

    1. Run a malware/virus scan on the child’s devices
      • On Windows 10/11 or 8.1, use Windows Defender:
        1. Select Start.
        2. Search for Windows Defender and open it.
        3. Make sure it’s up to date and run a full scan.
      • Ensure any antivirus app is updated and configured to scan regularly. Do this before changing any passwords.
    2. Try to recover the Microsoft account
      • Because the password and recovery email were changed, use Microsoft’s hacked-account recovery flow:
        • Follow the guidance in How to recover a hacked or compromised Microsoft account and use the sign-in helper and recovery form to prove ownership.
        • If sign-in fails, use Forgot my password on the sign-in page and choose I think someone else is using my Microsoft account, then follow the prompts.
    3. If sign-in is still possible anywhere, immediately secure the account If there is any device where the account is still signed in:
      • Change the password to a new, strong one using the instructions in the hacked-account article.
      • Review and correct account settings that attackers often change:
        • Check connected accounts, forwarding, and automatic replies and remove anything unfamiliar.
      • Go to the Microsoft account Security basics page and:
        • Select Review activity and mark any sign-ins that weren’t his as This wasn’t me or Secure your account.
        • Select Change password and set a strong, unique password.
    4. If the account cannot be recovered
      • If the attacker has fully replaced the email and phone and the recovery form fails, the account may be unrecoverable. In that case:
        • Follow the guidance in the recovery-form help and, if still unsuccessful, understand that support cannot override the automated ownership checks.
        • For Minecraft access tied to that account, contact the Minecraft support team as suggested in the referenced guidance to see if any options exist.
    5. Harden all related accounts and email addresses
      • For any account that uses the same email address or password:
        • Change to strong, unique passwords.
        • Turn on multi-factor authentication wherever available; this blocks most password-based attacks.
      • Use spam/phishing filters and be cautious of urgent or suspicious messages, links, or attachments.
    6. Add safer sign-in and recovery options for the future Once control of any Microsoft account is regained:
      • Go to Advanced security options and Add a new way to sign in or verify (such as a phone number, alternate email, or Microsoft Authenticator).
      • Keep this security info up to date so recovery is possible if something similar happens again.

    Because this involves a child’s account, also review Microsoft Family Safety settings to ensure only trusted devices and apps are used, and monitor sign-in alerts for unusual activity.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.