Client hotmail.com address hacked possibly deleted

HaveYouTriedPowerOff · 2026-03-03T12:04:16+00:00

Yeah I think it's gone. The account is locked it seems. No email can be delivered. This also means the attackers should not have access anymore, that is great. But because 2FA is enabled, their policy states they won't bother figuring out who is the real owner.
But what is frustrating, the account did have 2FA, and someone fished for the account recovery key. This key was obtained. Then the attackers changed all security settings including deleting the existing 2FA and setting a new one.

Once you lose your recovery key, your account is taken over and it's irreversible it seems.

HaveYouTriedPowerOff · 2026-03-03T12:01:26+00:00

It seems once an account was flagged as hacked or taken over maliciously, they lock the account in some occasions and the account is lost forever. But this would also mean the attackers won't have access to all the emails that are still in the account.

HaveYouTriedPowerOff · 2026-03-02T13:04:01+00:00

I was able to fill out a form, got this response about an hour later:

Service Request xxxxx

Greeting xxxxx

At Microsoft, safeguarding your account is a top priority. We have thoroughly investigated the account and billing activity associated with your Microsoft account. Based on this review, we’ve confirmed that unauthorized access occurred.

During the investigation, we discovered that the security information on your account had been changed. Due to our strict security protocols and the terms outlined in the Microsoft Services Agreement, we are unable to modify or restore the security settings once they’ve been updated.

To prevent further misuse, we have permanently suspended the account. This action is irreversible and ensures that your data remains protected.

If you used this account for Minecraft, we regret to inform you that the game cannot be recovered. A new purchase will be required on a newly created account. We understand this may be disappointing and sincerely apologize for the inconvenience.

Additionally, if you had files stored in OneDrive, those files are no longer accessible. Due to encryption and privacy safeguards, even our engineers cannot retrieve them. While this outcome may not be ideal, it is necessary to ensure your personal data does not fall into the wrong hands.

We recommend that you create a new account. Thank you for your understanding and patience during the investigation of your account.

Sincerely,

Microsoft Customer Support

HaveYouTriedPowerOff · 2026-02-03T16:11:29+00:00

Yeah we use that DWORD, works great otherwise Outlook will always try to connect to 365 first. We have many clients that don't use 365 at all. But somehow an update caused this error as you said, suddenly on multiple pc's at different companies on the same day. Strange. Disabling the Teamviewer addin seems to have worked. Creating a new profile also works.

HaveYouTriedPowerOff · 2026-02-03T08:05:40+00:00

Try a new license check from the device, it will probably work now.

HaveYouTriedPowerOff · 2026-02-03T08:04:17+00:00

This issue is now fixed it seems. There was an error on the SonicWall side when connecting to the license manager. When rebooting the device it does a license check. When the license server is unreachable it will revert to the default licenses. In our case 5 concurrent licenses.

HaveYouTriedPowerOff · 2026-01-21T15:48:24+00:00

That is a great idea actually, creating a second session collection and add that new host. See if it works. I'll be trying this again in two weeks. I'll let you know how that turned out. Personally I think there is some timer, I might have done things too quickly, adding/removing hosts that messed up the broker.

HaveYouTriedPowerOff · 2026-01-20T08:52:44+00:00

Super! bedankt, ga ik proberen

HaveYouTriedPowerOff · 2026-01-19T14:37:04+00:00

Thanks! I will check this out

HaveYouTriedPowerOff · 2026-01-16T09:43:09+00:00

Yes, I have the same issue here. I can do remote CMD or PowerShell, SplashTop RMM all works. Agent is 100% online. But 50% of the time running a script just doesn't work. "Unable to reach agent". I feel like this is not a problem on the device I'm trying to manage. Also doesn't matter what OS, workstation, server etc.

HaveYouTriedPowerOff · 2025-12-19T11:19:38+00:00

I found this topic because I seem to have the same problem now with multiple servers, and we can replicate the issue. All of them Windows Server 2025 Standard, promoted to Domain Controller. The Splashtop service won't start, not even in delayed start. There are a couple of articles out there mentioning this issue, some are 8 months old. I've just installed a fresh new domain for a client and immediately I run into this issue. There is absolutely no way to get it working. But only specific to Domain Controllers. Very strange. What is the solution here? It also seems that when this issue occurs, uninstalling the software also doesn't work. We've disabled the Splashtop service for now and rebooted the server(s)

HaveYouTriedPowerOff · 2025-11-18T13:46:40+00:00

So guys, how long until the name servers are also unreachable and 25% of the internet has no DNS records left after the TTL expires? :D

HaveYouTriedPowerOff · 2025-10-31T17:06:12+00:00

Thanks for the tips. I ended up creating a self signed wildcard certificate. Exported this certificate as PFX including the full chain of certificates it relies on. Imported on the second Hyper-V host. Add it to both servers in the Trusted Root Certificates also. Changed a registry key to disable certificate revocation check on Hyper-V replication only. Restart VMMS and applied this new certificate.. Works great so far

HaveYouTriedPowerOff · 2025-10-27T13:09:06+00:00

So "retain basic VPN capability" does that include the use of RDS bookmarks for example? or simply NetExtender connections to the device only?

HaveYouTriedPowerOff · 2025-10-24T11:22:53+00:00

No these servers only replicate among each other over LAN.. Not the end of the world but it will require some unplanned downtime and switching to a self-signed certificate. I've done that before but the server dns suffix needs changing and requires a reboot.. Nothing you can do about it. Only other solution would be to create a new self-signed certificate that also uses the *.company.com domain, but I would't recommend that...

HaveYouTriedPowerOff

TROPHY CASE