[German]Some users experience an extremely unpleasant surprise when they discover that their Microsoft account has been suspended and deactivated without justification. I have reported on these cases several times in the blog (see article at the end of this post). In today's blog post, I bring up a case that I have known about for some time.
Advertising
I had given the advice to keep your hands off Microsoft accounts and not to store anything important on OneDrive. If you rely on Microsoft accounts, you are simply abandoned in case of an emergency. Or more drastically to the point: the person is suddenly digitally dead with regard to his account. All services, data or subscriptions associated with the account can no longer be used.
Microsoft account deactivated, you are digitally dead
The problem can affect anyone, suddenly the following message appears when trying to log in to the Microsoft account.
The user usually won't get the reason for the account lock. There is no legally verifiable possibility of objection – the user has accepted the terms and conditions, which grant Microsoft extensive rights. A defined process to access his account – even if it is only to download the stored content – is not available to my knowledge.
The new case of a blocked account
Through the various posts, my blogs act more or less as a honeypot where those affected hit with comments. Some affected people also get in touch via email. At the beginning of April 2021, someone from the U.S. contacted me who had been confronted with a blocked Microsoft account and had come across my blog posts. The case shows what shaky planks people are juggling on. I have therefore pulled out some details as a separate post. The first mail contained the following text:
Advertising
Good day,
I read a couple of blogs you posted about arbitrary blocking of Microsoft accounts. I received a notice that my account has been suspended for a violation of the terms of use. I believe that all my content and actions within the Microsoft ecosystem are above board. I attempted to follow the process only to receive a message that I violated their terms of service and my account will not be restored.
I reside in the United States and am wondering if you know of the best course of action.
The facts are well known and outlined above. The user's account was blocked out of the blue. The accusation is "violation of the terms of use". If the trap strikes, the affected party goes round in circles with Microsoft. Because the nature of the violation is not named and no account is unlocked again.
Dramatic consequences for the affected person
After I replied to the affected person, he got back to me with additional details. With his permission, I am posting these on the blog – as an example for potential victims:
I will give you additional details about my situation in case you are collecting data or want to blog more about the issue.
I've had my account since the late 90's. It was a @hotmail.com account. Never had issues with my account. Started using online storage ~mid-2000's. Started on Amazon S3 with the Jungledisk encryption program. Used Amazon for quite a while no issues. Mid-2010's, my lifetime Jungledisk purchase was changed to a subscription based license. O365 started to rise, I saw cost savings by switching to OneDrive. Started using OneDrive then a little bit later started using BoxCryptor (subscription-based software) on my important files. Sometimes BoxCryptor can be a pain to operate. Sometimes it crashes, sometimes it has issues with offline files.
Up to this point, it was a usage scenario that millions of Microsoft users were familiar with. But then something went wrong, as can be seen from the user's description:
It was looking to trim some of my online subscriptions (e.g. video services, unneeded software subscriptions). I thought my data was reasonably safe on OneDrive. I had 2-factor enabled. I decided to decrypt my important data (e.g. tax documents, salary information, school notes) and cancel my BoxCryptor subscription. That was done on Monday, 3/29. I did have some personal photos of my now girlfriend (she is 40+ years old) and moved them into the secure vault for a little extra security.
The mention of encryption rings an alarm bell in the back of my head. I had once raised something about this in the German blog post Cloud-Datenschutz: Na, dann verschlüssele ich eben …. My conclusion, some time ago: As soon as encryption is used, you are on swampy ground when it comes to OneDrive. The disaster then took its course for the person concerned (although he unencryptes his stuff and uploaded it to OneDrive Personal Vault, where Microsoft uses Bitlocker for encryption).
Wednesday, 4/1, I started getting notifications on my phone that I need to reauthenticate to O365 with no sucess. I ultimately ended up trying to log into my account on a PC to get the dreaded 'your account is locked due to violations to the terms and conditions'. I booted my XBox to find that I am unable to use it at all. I filled out the required form to get my account reviewed and received a response within 2 hours that 'there was a severe violation to the code of conduct and your account will not be restored.' I contacted someone on Reddit who sounded like they worked for Microsoft. They asked for my ticket number, but have not yet heard back.
Unable to sleep, I spent a few hours reading through forums of how others have had this happen to them. There were a few cases where they were told what item in the terms of service was in violation. There were also a few that had their accounts fully restored. A couple people returned back to the forum to outline what they did to get their account back. (If you want, I can dig up those responses).
Among the ones that had their accounts restored, it usually involved outside help. Arbitration, lawyer, or reporting them to the Better Business Bureau (BBB) (an agency that receives customer complaints and helps to resolve). There was one or two instances where they used their account while connected to a VPN and got banned.
What have I done so far:
At this point, I am only 1 day into my ban. I have now submitted two account review forms, a complaint to the BBB, and a message to the Reddit moderator (MSModerator) appears to be a shared account. The user that contacted me goes by the initial R.V.).
At the end of March 2021, unencrypted data was uploaded to OneDrive, and on April 1, users were no longer able to log in to Microsoft Office 365 because authentication was required. The XBox gaming console also went on strike due to account problems. Attempting to log in to the browser resulted in the above notice that the Microsoft account was locked. The user's search in forums resulted in several hits where other users described the same experience. Some were able to access their files again after many actions, others remained locked out.
In another text, the affected person describes what he lost by deactivating his account – that is, simply put, drastic:
What have I lost:
Any files that were not synced to my device on OneDrive.
I just renewed my O365 family plan last month, so I lost that. I think my girlfriend is an administrator on the family account, so I am thinking she can add another Microsoft account.
I also just pre-paid 3 years of XBox GamePass Ultimate last month. Gone
I had close to 300 games on XBox, though, most of them were the free games from the monthly Games With Gold perk. I lost 5 games that I actually paid for.
Also lost my progress in any long playing games.
What I fear I may have lost:
Being the 'owner' of the XBox, I may have to factory reset the console and start over.
I lost purchase information and warranty information for my Surface device.
I believe after a period of time, Windows will ask you to reauthenticate to your Microsoft account. So I may be facing a reset on two devices.
I may have lost access to other accounts that use my @hotmail email address (i.e. the sites that email a 2 factor code or a login link). I suspect that I can regain access if I contact the online store/site and explain my situation and provide proof of identity.
In short: No access to OneDrive with saved data, the Xbox Game Pass became worthless due to missing account access, and the Office 365 subscription was also gone. That Microsoft services like email, which the user had specified for online account recovery, were also locked out is just a footnote there. You lock yourself out online somewhere and you can't reset the password because the email account in question has been locked out. That's what I described as digitally dead earlier in the text. The person concerned has simply been dispossessed and stopped cold. The user's hope: In the best case, Redmond fully restores the Microsoft account.
Hope dies last
The alternative, he hopes, would be for Microsoft to restore the account, communicate which files violated the terms of service, so the user can delete them. He could also imagine Microsoft deleting the incriminated files (if that even applies) and reactivating the account. From this point on, communication is then cut off, as the blog reader's hope has probably vanished into thin air – Microsoft simply stops communicating.
Speculation about reasons for blocking
There are always speculation about the reasons for a deactivation of the Microsoft account. Here is a how-is-who of the speculations, I found within several cases in the past:
- In some blog posts, I had mentioned the lack of verification via a mobile phone number for some Microsoft products.
- In other cases, photo and film material that fell victim to the "porn scan" of the US provider was cited. This includes pictures that perhaps show children naked on the beach at a young age.
- Another reason for blocking seems to be larger upload quantities at OneDrive. I had raised this once in the post Droht Samsung-Nutzern bald die Microsoft-Kontensperre und Inhalte sind weg?
- Another issue that has come up in discussions before is the use of VPN access to access OneDrive content. That seems to lead to lockouts.
- I had still pointed out the issue of content encryption in the text above, which probably triggers in some cases Microsoft's scanner.
It's already a nice collection, which possibly triggers the account blocking. But nothing is confirmed, because Microsoft leaves the people in the dark – you are simply powerless. There is no information about what is being complained about. And there is no instance for clarification or dispute resolution.
What the affected person concerned suspects
In an exchange with the person concerned, the latter expressed another assumption that also fits the "encryption" pattern. The user works as a security analyst for a large security company (I know the name). For his cyber training, he keeps some malware samples and open source pen testing tools (some are typically part of the Kali Linux distribution). The material was not password protected. This, of course, would be a first-class trap.
Furthermore, the individual wrote to me that he had uploaded some private photos and videos of his girlfriend (40+) as well as himself to OneDrive. This could also have caused the AI algorithm to strike and lock the account.
Another aspect is that the security analyst said he frequently accessed the Microsoft account from his work computer. This computer is connected to a VPN, which, however, is still located in the USA. The guess: Perhaps Microsoft sees that the account accesses are from different locations, as he switched between VPN accesses from his work, smartphone accesses and accesses from his home WLAN.
What he also notes: He had not shared anything further with third parties, except for a few documents exchanged with his girlfriend. So no stories like swapping music, movies, software, porn, etc. Even photos had been exchanged via a third-party service (presumably Signal Messenger), but then probably ended up on OneDrive via synchronization. Foreign users never received the access data of the Microsoft account – he rules out misuse via this channel, also because of two-factor authentication.
Concluding observations
If we look back at the above case and other findings, we can only conclude that Microsoft's (but also Apple's, Amazon's, Google's, etc.) approach to online accounts is pretty broken and should be left alone. In the current case, the affected person criticizes Microsoft's account handling policy as being cumbersome. This is especially true for accounts that are more than 20 years old. The person concerned says he can understand that if it is a new account and there is a clear violation of the terms of use, then it will be blocked. He calls for something like a MultiStrike model:
- At the first violation, there is a warning with an exclusion of one day.
- If the user doesn't respond, he or she will eventually have the account deactivated.
The flaw in this approach is simply that the person affected does not receive any information about what went wrong. A warning without details would be of no use to him.
The person concerned then wrote to me that in some cases there is no way around an online account. If cloud storage must be used, consider using a third-party encryption tool. Depending on the service, this could pose a higher risk to the user, as one will then be subject to different terms and conditions (see my comments above on encryption).
Stakeholder's urgent advice: Consider using different accounts on the same service for the different products. That is, have one email for your XBox, another email for your O365 apps, another email for OneDrive (if that's even possible), and another email for Microsoft Store purchases. That way, if you get locked out of OneDrive for questionable files, you can still use Word and your Xbox.
Similar articles:
Stop: Arbitrary blocking of Microsoft Accounts
Microsoft's account suspensions and the OneDrive 'nude' photos
Legal action against arbitrary Microsoft account suspension in Europe
When the degoo bot closes your lifelong account …
Will Samsung users soon face Microsoft account lockout and loose access to content?
My heart goes out to people who suffer such arrogance from firms like Microsoft. PayPal is another company that regularly blocks people who use a VPN. I had a similar, but much less dramatic experience. Blizzard games banned me because I do not have a cell phone and I use a VPN, which is required because we work from home. Despite sitting at one location and moving no more than 3 inches, Blizzard stated I was logging in from multiple locations. Because (and like 2 million other Australians), I do not own a cell phone, in their view I was guilty of suspicious conduct and my account was banned. I lost access to A$1000 of game purchases and updates.
This situation where any attempt to protection oneself online, or protect one's personal data has way gone too far. People are being devastatingly punished for simply trying to be safe only. These companies take the view that the 99% are criminals and the 1% are the good people, which is obviously absurd.
Microsoft becomes more disreputable and less reliable by the day. This is the inevitable consequence of being a monopoly I suppose.
Windows is a vital utility for its users. To have that utility disconnected is like having your electricity supply disconnected. Clearly the CEO feels invulnerable and can do as he wishes. The time is obviously approaching when big multinational corporations are akin to being sovereign nations with powers to match. No wonder some are using Linux. We are still awaiting the crossing of a threshold into general unacceptability by Microsoft which will trigger a mass move away from it.