If the hacker changed the primary email and added two-step verification, recovery is only possible through Microsoft’s official hacked-account and recovery flows. There is no manual override, even for Support.
Follow these steps immediately:
1. Scan the laptop for malware
   - On Windows 11, use Windows Defender:
     - Select Start.
     - Type Windows Defender and open it.
     - Make sure it’s up to date and run a full scan before trying to recover the account.
2. Use the hacked/compromised account guide
   - Follow the steps in How to recover a hacked or compromised Microsoft account. This includes:
     - Running antivirus (done in step 1).
     - Trying to change your password if you can still sign in at all.
     - If you cannot sign in, use the reset your password option from that article.
3. Use the Sign-in Helper and recovery form
   - If normal reset options fail or you don’t recognize the verification email/phone anymore, use the Sign-in Helper tool: it guides you to the right recovery options.
   - If needed, complete the account recovery form:
     - Use a device and location you previously used with this account (for example, the same Windows 11 PC or Xbox, at home).
     - Provide as much accurate information as possible (old passwords, services used, etc.).
4. Understand the 2FA limitation
   - If two-step verification is turned on and none of the verification methods (email/phone/app) are accessible anymore, the documentation states that Microsoft cannot help further. Support agents are not allowed to send password reset links or change security info.
   - In that case, the account may be unrecoverable.
5. If you regain access
   - Immediately:
     - Change the password to a strong one.
     - Remove any unknown aliases or security info.
     - Add your own secure verification methods (phone, alternate email, Microsoft Authenticator) as described in the Advanced security options guidance.
If the recovery form and Sign-in Helper both fail and the hacker fully replaced the security info with 2FA, the account cannot be recovered according to the provided guidance.
References:
- How to recover a hacked or compromised Microsoft account
- Hello , welcome to Account help & learning
- How to help keep your Microsoft account secure
- What happens if there's an unusual sign-in to your account
- Help with the Microsoft account recovery form
- My account got hacked. - Microsoft Q&A
- My account got hacked - Microsoft Q&A
- my microsoft account has been compromised - Microsoft Q&A
- Need help with hacked microsoft account - Microsoft Q&A
- How do I send an email to Microsoft about my account being hacked and taken over by <removed> ? - Microsoft Q&A