Share via

My account got hacked.

enes donmez 0 Reputation points
2026-03-28T00:29:58.3066667+00:00

My Microsoft account got hacked but i managed to change the password. i requested for an update on my security info because the hacker has put his own alternative email in. So every verification code i need gets sent to the hackers email. i wish to remove this immediately. please help me

Outlook | Web | Outlook.com | Account management, security, and privacy
0 comments
Answer recommended by moderator
  1. Alice-N 8,405 Reputation points Microsoft External Staff Moderator
    2026-03-29T01:14:58.6166667+00:00

    Please note that this is a user-to-user community. As moderators, I have limited access to internal development details. My role is to direct users to the appropriate support channels and resources. While I cannot provide backend analysis, I will do my best to assist you within my responsibilities.   

    Hi enes donmez

    I understand you are having a problem with a hacked personal Outlook.com / Microsoft account where the attacker added their own alternate email, so verification codes are being sent to them. 

    Please follow these steps if the AI steps do not work:  

    • Check if your account is in the “security info change pending” state, then use the correct link on that screen 
    • From that same pending window, use one of these built-in links (whichever appears):  
      • Cancel this request (only if you initiated the change yourself and you still have access to the current/old security proofs needed to cancel).  
      • Let us know (use this if you did not make the change; it routes you through the “unauthorized change” flow on the pending window).  
    • Remove any attacker-added sign-in alias (if you can reach “Manage how you sign in”) 
      • If you can access alias management, remove an email alias/username from your Outlook.com account via “Manage how you sign in” and selecting Remove next to the alias you don’t recognize. This is important because attacker-added aliases can be used to keep attempting access even after a password change. (Only remove aliases you are sure are not yours.)  
    • Add a safer verification method after you regain control (to stop codes going to the attacker) 
    • Use How to recover a hacked or compromised Microsoft account and fill in the account recovery form, if the form fails, please contact Support via:  
      • Visit Contact - Microsoft Support
      • Type a brief description of your issue in the search box  
      • Scroll down to the bottom > select Sign in to contact support  
      • Log in to another available personal Microsoft account.   
      • Under Products & Services, select "Other Products"; Under Categories, select "Manage account security", and click Confirm.  
      • Click "Chat with a support agent in your web browser" (during business hours) 

    I hope you can protect your account and regain access. Have a lovely day ! 

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2026-03-28T00:30:13.59+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Follow these steps to secure the account and deal with the hacker’s alternate email and security info:

    1. Clean devices first
      • Before changing anything else, run a full antivirus/malware scan on every device used to sign in to the Microsoft account.
      • On Windows 10/11 or 8.1, use Windows Defender:
        1. Select Start.
        2. Search for Windows Defender or select Windows Defender.
        3. Follow the on‑screen instructions and run a full scan.
    2. Complete the hacked-account recovery flow
      • Use the official hacked/compromised account guide and troubleshooter:
        • Go to How to recover a hacked or compromised Microsoft account and start the sign‑in helper tool. It will walk through:
          • Confirming the account is secured.
          • Resetting the password (already done, but can be repeated if needed).
          • Reviewing security info and recent activity.
    3. Understand the “security info change is still pending” lock
      • Because the hacker replaced existing security info (alternate email/phone), the account is now in a restricted state for 30 days.
      • During this 30‑day period, Microsoft blocks immediate replacement of all security info to protect against unauthorized changes.
      • The message “Your security info change is still pending” or “You can't access this site right now” means:
        • All previous security info was removed and replaced.
        • The new info (including the hacker’s email) will not be fully trusted until the 30‑day period completes.
    4. What can and cannot be done during the 30 days
      • Cannot:
        • Fully override all security info instantly.
        • Bypass the 30‑day waiting period via support.
      • Can:
        • Keep using the account in a restricted way (depending on what the system allows).
        • Monitor for notifications sent to the original security info (old email/phone) during the 30 days.
        • In some cases, cancel the pending change if the removal was done by mistake and the original security info is still accessible.
    5. If the security change was not made by you (account compromised)
      • Treat this as a hacked account scenario:
        1. Use the hacked-account guide to confirm the account is secure and the password is strong.
        2. If there is an option in the security notifications sent to the original email/phone, use it to cancel the unauthorized security-info change.
        3. If cancellation is not possible, the only option is to wait out the 30‑day period while keeping the account password strong and devices clean.
    6. After the 30‑day period ends
      • Sign in to the Microsoft account and immediately:
        1. Go to the Your info / Security pages and remove any unknown email addresses or phone numbers from security info.
        2. Add trusted email and phone numbers as security info.
        3. Turn on two-step verification and configure Microsoft Authenticator only on trusted devices.
    7. If access is lost again
      • Use the Microsoft account recovery form and the hacked-account guide again.
      • If the automated recovery fails and all security info has been replaced, there is no alternative manual override for consumer Microsoft accounts; recovery is only possible through the official automated process.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.