It's more about Azure AD, so getting the case routed to that team is probably best. Typically, you need premier support to get decent engagement from Microsoft. I'm not sure what kind of process they have to prove tenant ownership in that situation, but I imagine it's a manual sort of verification.
Losing access to the global admin account is not good (I'm presuming it was compromised). In the future, I'd suggest creating a second global admin account with a strong unique password and store that in a lockbox outside of Office 365. If there are multiple people that need global admin access on a routine basis (although, right-sized admin permissions are better), then it is ideal to create multiple admin accounts (so you can audit the source of the compromise), and lecture people not to use a weak/reused password, enable MFA (which is free for admin accounts), and never give admin access to someone's account that they use for normal user activity. Jesse On 11/5/20 5:47 AM, Simon Burke via mailop wrote: > Hi, > > So this morning one of our customers has had all their O365 admin accounts > stripped of their admin privileges, and various user accounts are spewing out > spam. > > Going through normal support channels we're told we're to wait 2-4business > days to speak to anyone at Microsoft (Microsoft first line have told us this > timescale). > > Is there anyone who can suggest a contact or anything to move this forward? > > NB. Apparently only global admins can change passwords in this environment, > so although we can use the 'sign out of all devices' option, we can't change > passwords at all currently. > > We are the O365 reseller in this instance. > > Regards, > Simon. > > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop > _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
