Like the title says, I’ve got yesterday an email with a code to access my Microsoft account and that made me suspicious because I wasn’t trying to login to my account.
When I looked at the login attempts I saw that someone else was trying to access my account, I changed my password, activated TFA.
Thinking of going through and buying a physical key like yubico to further secure my account.
Any tips are appreciated.
Yeah my account has been hit since the end of December every 7 or so days.
The only things I've got in my account are some windows 7 / 10 licence keys and a migrated Minecraft account. Really not a concern to me if they can somehow get past 2FA.
The lack of response from MS is pretty shit, and to be expected from MS.