Receiving an email saying your account has been accessed by an unauthorized party happens, and it’s normal to panic, especially if that account has your financial information attached to it. However, there are ways to protect your information and your account. Here’s what to do if your Xbox account is hacked and how Microsoft might respond.
The first thing to do if you think that you’ve been hacked is to go to Microsoft’s website for compromised accounts. Here, you’ll be guided through the process of finding out what exactly happened. First, you’ll select whether or not you are able to log in to your account. If you can’t and it’s because of your password (whether you’ve forgotten it or you think someone else might have changed it), select “no.”
Selecting “no” takes you to another page where you’re instructed to change your password on the “Why can’t I sign in?” screen. Provided either are registered to the account, you’ll receive a code to your email or phone. If you can’t use any of these options, you’re prompted to enter a new email address where you’ll receive an account recovery form. In this form you’ll answer as many questions about your account and old login information as you can remember before getting a password recovery email.
If you selected “yes” in the beginning because you are able to log in to your account, you’ll find that Microsoft has locked it because they’ve detected suspicious activity. At this point, you’ll get a security code sent to the email address of the phone number that you have on file, and after verification, your account will be unlocked and you can change your password. From here, you’ll review recent activity and fix anything in your account that may have been changed by a hacker, like personal and billing information.
If none of those options work for you, or if purchases have been made and you know that you and others like family or friends with access to your account didn’t make them, you’ll need to contact Microsoft directly through Xbox support. Make sure that you have some information handy, like the email and phone number that were on the account, and your console/device ID and serial number, which you can find on your console.
In the past, the timeliness of Microsoft’s response to account hacking has been a mixed bag. Some users are able to get their accounts back within an hour, but others, like Reddit user beethibodeaux, have had to be extremely persistent with finding the right person to speak to. In that case, their entire experience stretched over sixteen days. They stressed how important it is to have two-factor authentication set up on your account as an extra precaution.
Possibly having a strange person on the internet access your private information is definitely scary, but Microsoft has a good, clear system in place to mitigate whatever damage is done and to keep it from happening again.
If you've ever been hacked, Microsoft gives you plenty of options to get your Xbox account back and protect it from being compromised again.