Did you know that, just like Google and other companies, Microsoft provides a complete log of your Microsoft account activity? What does this mean? You can get detailed information about when a sign-in was performed (successfully or not), from where and the kind of device that was used. Reviewing this information will help you learn whether your Microsoft account was hacked by unauthorized parties. Then, you can take action to prevent this from happening in the future. Here's how to learn whether your Microsoft account was hacked or not.
How to Access Your Microsoft Account Activity
In order to manage your Microsoft account, go to https://login.live.com and login with your email and password.
When the Microsoft account page is opened, click or tap Recent activity.
Depending on how you have set the security of your Microsoft account, you might be asked to enter an additional security code that will be sent to your phone or to another email account you own. Once that is out of the way, you can see when and where your account was used.
How to View all Sign-in Attempts, When & Where They Were Made
For each sign-in attempt you have a log entry. Click or tap each sign-in that seems suspicious.
Don't hesitate to look past the first list of sign-ins and click or tap the "View more account activity" link. I've learned that, for my account, lots of suspicious activities were attempted more than a week ago.
For example, I first noticed an unusual sign-in attempt made from Russia. Microsoft shared with me the IP address of the device on which the attempt was made, the platform that was used and the browser. Also, I had a map with the approximate location of this sign-in attempt.
This was clearly a hack attempt made by someone based in Russia. I kept looking and I discovered another attempt made by someone in the United Kingdom, from a Mac computer.
Browsing even more into the past, I've learned that many suspicious sign-in attempts were made from Ireland, Germany, United Kingdom and Russia. Unfortunately, one of these many attempts was successful. This meant that my Microsoft account password was compromised.
If I had checked only the first list of sign-in attempts, I wouldn't have noticed anything suspicious. I was lucky that I scrolled a bit in the past. I strongly recommend that you do the same.
What to Do If Your Microsoft Account Was Hacked?
There are many things that you can do and Microsoft offers many tools for securing your account, including enabling two-step verification. However, I won't detail these tools in this article and I will come back with new articles on this subject. But, the first and most important thing you should do is change your Microsoft account password. Immediately!
I strongly suggest that you go through this exercise and see if your Microsoft account was accessed by unauthorized parties. Even if you don't have your e-mail on Microsoft's servers and you use GMail or some other service, your Microsoft account still stores lots of personal information that should remain private. Once you go through this exercise, don't hesitate to leave a comment and share whether your account was hacked or not.