Hacker with rambler.ru email stole my account without warning

Hello, Niko. I'm Greg, here to help you with this.

I'm very sorry you're going through this. We are seeing a lot of account hijackings recently where the hacker changes the password, even the email and security info so it becomes impossible to recover.

Here is everything to try to recover a hacked Microsoft Account:
https://support.microsoft.com/en-us/sbs/account...

Try one more time to change your password as shown here:
https://support.microsoft.com/en-us/help/402683...

Normally they'll want to send a Security Code to the mobile or email you set up here for that: https://support.microsoft.com/en-us/help/12428/.... There is also information about troubleshooting receiving the code at the bottom of the page.

If you cannot receive the Security Code because it is not up to date or has been changed by the hacker, try to do Account Recovery following this walk-through: https://support.microsoft.com/en-us/help/17875/...

You can amend the Account Recovery form if you remember any other information about the account, which may shorten the waiting period. Unfortunately they will not budge on the wait as they have learned over decades exactly what's needed to avoid any chance of giving away your personal data to a hacker or stalker.

In the mean time if you're locked out of Windows I will show you how to create a new Account so you can still get into your Windows install for now using all of it's apps and accessing data, or if necessary reset or reinstall Windows.

If you are unable to do any of this because of changes the hijacker has made to your account, contact Microsoft Support at https://support.microsoft.com/contactus. Explain the problem and keep asking for an agent to get a call back or chat on week days.

Emphasize to the agent that your account has been hijacked, that you don't have the account security information because the hacker changed it, but you can still answer questions about the account to prove it's yours.

Here is everything to know about being hacked and how to prevent it:

https://preyproject.com/blog/en/have-i-been-hac...

https://www.windowscentral.com/signs-pc-hacked

https://www.csoonline.com/article/2457873/signs...


Feel free to ask back any questions. Based on the results you post back I may have other suggestions if necessary
______________________________________________

Standard Disclaimer: There are links to non-Microsoft websites. The pages appear to be providing accurate, safe information. Watch out for ads on the sites that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the sites before you decide to download and install it.

Spoiler alert I currently have EXACTLY the same problem except that I've taken all the steps above to recover everything. Microsoft recognized me as the owner of the account BUT refuses to help me due to their security policies and so to summarize: I could still connect to my hacked account, but since they changed the email address I was powerless. Microsoft's refusal to help is quite simple. So do you have a solution? I can't see any.

Well thats just great because i have the same issue.

guess microsoft can prove im the original owner but dont do anything about it.

seems like a really good idea doesnt it

Hacker with rambler.ru email stole my account

Dear Greg,

my account recently got hacked by a rambler.ru email address. I have tried getting it back but it seems as if you guys dont think im the owner of the account. I just bought the PC gaming pass for xbox and I have the transaction number and everything. I dont understand why I cannot have my account back because it was hacked into. I need help. whatever you may need to prove that it is my account please let me know. I need this account back as soon as possible.

Thanks,

Andrew C.

Same issue. Yall even told me that you COULD verify I was the owner, but for a reason u didn't specify, said that you can't restore my access, and that all my pics, games, and everything I've bought over years is gone forever. Minecraft too. This is absolute BS.

Disclaimer, I have nothing against any employees in here, yall just doing ur jobs. Whoever the half-whits running the account recovery specialist team, they need to be fired

Same thing happened to my brother too, while playing Minecraft. Within probably like less than a minute, I got a ton of gmail notifications (our Microsoft account's recovery email was a gmail account). By the time I got to trying to sign in (literally going as fast as possible 1000 mph) to our Microsoft account everything was already hijacked! Account doesn't exist and whatnot! Looking through a lot of posts like this and we're really hopeless. Even if we are recognized as the owner we probably still won't get our account back, right? So what's the point of account recovery and support if I literally just get sent back to square one?

So Microsoft's 2FA can be so easily bypassed like that. Should've just kept the Mojang account, but Microsoft says they are going to delete Mojang accounts, so we had no choice but migrate to an apparently insanely insecure and unsafe Microsoft account! We are really frustrated - dear Microsoft, it isn't 120 BC anymore, it's 2023 AD. Please improve the security (although they probably won't).

Same issue with my child's child account.

Within seconds, somehow a hacker with this rambler.ru address was able to reset the password, change email and remove all security info.

While MS sent multiple emails and we responded within less than an hour, we have not gotten back and probably never will control of the account.

We were able to use the account recovery to change the password back but the email still has the hacker's email address and any codes go to that only.

We tried to change the email address back to our original one but that indicated it would take 30 days. 5 days into that I get an email that "account recovery was cancelled" and it seems that the hacker was able to go in to cancel that.

Now we must wait 30 days to try again and then presumably the hacker can just cancel our request.

I tried calling Microsoft and had an agent hang up on me for no apparent reason. I was being firm but polite so that was unjustified.

Seems like Microsoft and their account recovery process has multiple flaws.

1) account recovery doesn't get you back access to your account. It's a lie. If the hacker (and of course they would) has changed your email and removed the existing security info you're not able to get that changed back. It may allow you to change the password but the hacker can still get in presumably with security info they added.

2) MS allows the password, email and all security info to be changed in one single sequence with no ability to halt the process or question it if you are the legitimate owner.

3) MS process for how this all works is poorly documented with bits all over the place on their site, the prompts as you try these things are poorly worded and written so they are ambiguous and you can't easily understand how the process works.

4) Getting help for this situation is impossible. Understandably the customer service person you speak to can't make changes to your account (I understand that would be incredibly insecure if they could) but they also should immediately be able to take the information, pass it to some escalation team and that team should upon suitable verification be able to make you whole. It seems the person I spoke to couldn't do that or didn't want to and also didn't want to talk to me any longer.

This is incredibly unsatisfactory and unprofessional for a company as large as Microsoft.

They may be able to write off millions or billions of losses but for those of use who lost access to purchases we legitimately made and are expected to write off it is not a small or insignificant impact and loss.

I SAID A BOOM CHICKA BOOM!!!!!!!!!!!!

Oh yeah man trust me, the account could be renamed to "haha stupid idiot i hacked your account" and these companies would still not comply with you, they would see a million transactions in america then suddenly your account password, email, and username are changed and still not help. You could have memorized every single bit of information and it would still not be enough when the company gives you false hope and asks for the information