from Hacker News

"Microsoft Locked My Account – I Lost 30 Years of Photos and Work"

by bundie on 6/17/25, 10:56 AM with 96 comments

  • by hbn on 6/17/25, 1:49 PM

    I know whenever this happens, a lot of HN-types like to act smug about how "you should have known to not trust a company with your data, do your own backups"

    But for everyone else (skipping over the fact that you could have a little more compassion to someone who lost decades worth of important, sentimental data), running your own backups is way more work than should be necessary compared to the mainstream solutions. Especially since most people will likely not hit this scenario anyway, it's just a lottery of the unlucky.

    And honestly why are we just accepting that these organizations sitting on infinitely growing wealth can use it to incentivize us to give us all their data for convenience and otherwise worry-free management of it, and then just lock you out one day based on bad algorithms, and offer next to no customer support to resolve it because they don't want to spend a tiny fraction of their operation budget on a department for that?

    I'm not sure how you'd enforce regulation on something like that but if we're gonna let big tech run rampant and collect all this data on the population, it seems like the bare minimum to offer a better experience for stuff like this.

  • by sebstefan on 6/17/25, 1:55 PM

    Yes - lots of uninteresting discussion about the importance of having backups.

    > This feels not only unethical but potentially illegal, especially in light of consumer protection laws. You can’t just hold someone’s entire digital life hostage with no due process, no warning, and no accountability. If this were a physical storage unit, there’d be rights, procedures, timeframes. Here? Nothing. Just a Kafkaesque black hole of corporate negligence.

    ^ This is what's worth discussing, not opinions about that guy's backups, or what the cloud is, or that this is known to regularly happen. We're already all tech-adjacent

  • by hyperman1 on 6/17/25, 1:54 PM

    A good backup strategy is still hard. Over the years, it became clear to me that ther are not only technical but also legal failure modes. So 'a virus ate it' or 'the drive died' are not enough. We now also have 'I sent a photo of my kid to the docter and the kiddy porn alert went off' or 'The Google algo says no' or even 'Someone called the police on my neighbour and they just took the whole building to evidence'.

  • by erehweb on 6/17/25, 1:50 PM

    Number of people saying that you should just make sure you have backups. That's true, but there's still a role for government to play to prevent this sort of thing. We don't let companies sell poisonous food - why do we let them offer digital services that can be arbitrarily frozen?

  • by nusl on 6/17/25, 12:53 PM

  • by geor9e on 6/17/25, 5:22 PM

    I once lost years of Gmail, Drive, Photos, YouTube, etc., etc., because I posted a meme to their Google Plus social media site. It was a JPEG screenshot of a credit card form, and it said, "This post is only viewable by Google Plus Gold members; sign up now." It just took one click from some apathetic call center moderator, who looked at the post for 0.5 seconds total, to get everything connected with the company insta-wiped. I bought a Synology NAS since then, and now I treat my relationship with any company as very fragile.

  • by lousken on 6/17/25, 2:36 PM

    This belongs to /r/assholedesign

    If you force people into bitlocker, at least have a setup wizard at the start that forces them to export the key/print the key, or maybe even ask them if they want their stuff encrypted. For a regular home desktop, it's rarely a need and too much hassle

    Secondly, why not offer use something like LUKS does just with a password?

    TPM is a horrible way to secure things anyway and you need a PIN for true security.

  • by southernplaces7 on 6/17/25, 1:33 PM

    As applies to other major data services providers with shit-useless customer support and arbitrary algorithmic "service" decision-making, DO NOT FUCKING TRUST your data to rest exclusively within anything that they own and control.

    Export your email archives, spread your personal files across multiple devices and services, and ideally, keep copies of your files on your own backup HDs or at the very least with one other cloud provider, that also happens to be small enough for you to reach a human if something goes wrong.

    At least Microscum can't yet lock one out of their own PC or laptop at this stage. This person trusted too much in their OneDrive service.

    To note: looking particularly at people who've let themselves become Google-dependent here, just as much as anyone silly enough to trust 30 years of their work exclusively to fucking Microsoft of all things.

  • by khurs on 6/17/25, 1:17 PM

    For anyone non technical, always use your own domain so if your email service locks you out, you can move to another instantly.

    And follow the 3-2-1 rule https://www.veeam.com/blog/321-backup-rule.html

  • by npteljes on 6/17/25, 2:50 PM

    Horrible stuff.

    Data is far more important than society, regulation, individuals give it mind. Doubly so if the data is technically in another jurisdiction. And it's a classic insurance scenario too - redundant storage seems like money thrown in the fire, but after a disaster like OP's, lost data seems invaluable.

    Service providers are at the very least part of the problem. For one, they project a lot of confidence for safety, but protect themselves well legally in case of any event - and automate away as much customer interaction as they can.

    A nice improvement would be customer service that takes the issues seriously. But, I realize, that is far more complex and expensive than how it sounds.

  • by jpl56 on 6/17/25, 2:04 PM

    New fear unlocked : account frozen due to sudden peak of activity (which happens logically if you _use_ it).

    Cloud as backup #2, a hard drive as backup #1 and another hard drive in another location as backup #3

  • by nedt on 6/17/25, 4:07 PM

    Yeah Microsoft can be pretty bad with that stuff. When my sons account, which was also what he used for Minecraft, was stolen I even reached out to a real person. Could they help us get the account back? No because they most protect the owner of the account. Which is even more crazy if you think about it because that would be my son and not the thief they gave the account to.

  • by Simulacra on 6/17/25, 1:38 PM

    Never completely trust the cloud. I will never forget when Mat Honan did this and lost everything, while editor of Wired. Always backup offline as much as in the cloud.

    https://www.wired.com/2012/08/mat-honan-data-recovery/

  • by noworriesnate on 6/17/25, 1:59 PM

    I use BeeFiles for all my important files. I can access them anywhere, it’s not a subscription it’s a one time purchase, and it supports backup to external hard drive as well as backup to an online service (subscription based).

    Synology really did a good job of building something non technical people could use as an alternative to onedrive etc.

  • by EGreg on 6/17/25, 1:39 PM

    I gotta say, this is complicated enough that most people don’t do it, and there is a big business opportunity here.

    Resilio Sync (using bittorrent) kinda sucks for backing up to a USB hard drive that’s been connected.

    SynThing is what I use. Even so. What I would really want is something that “just works” with multiple encrypted backups around the world, deduplication and chunking.

    There’s also BackBlaze.

  • by 1970-01-01 on 6/17/25, 1:16 PM

    'What if I told you it's just someone else's computer' meme is evergreen.

  • by anonzzzies on 6/17/25, 1:49 PM

    I dont know how people are so weird to trust any provider ever. Its nice for a bit and then it rots. You always keep everything on pathetically cheap drives at home. Always. You have to assume you will get screwed even if you pay in the age of AI flagging and 0 protections or recourse. How many stories do we need for this to happen?

  • by er0k on 6/17/25, 3:27 PM

    remember when RMS said "cloud computing is a trap" and we all laughed and laughed...

  • by theandrewbailey on 6/17/25, 11:33 AM

    Sadly, this reminds me of a facetious story I wrote several years back when Google tried to build a neighborhood in Toronto. It follows a Google fanboy that moves in, only to get locked out when something abruptly decides "No, you don't live here anymore."

    https://theandrewbailey.com/article/203/Insanity-Locked-Out....

    > But one day, you come back to your apartment. It's locked, and won't accept your authentication method. Since your technocrat landlords despise plain old metal keys for some reason (What are you, a peasant?), they provide one of several alternative methods for you to open doors. (Why can't those cyborgs be more like normal people?) They advise you to never share how or with what you use to login to them. Whatever it is, it's not working. You hope there's not an electrical outage somewhere.

    > Because you're living in the future, everything is connected to the internet. Like most everything else, your door has a display mounted into it. A message appears, informing you that since you've violated the terms of service, your account has been terminated. You're locked out from all your stuff! There is a customer service robot downstairs, so you try to get some answers from it. Unsurprisingly, the robot is not helpful, not sympathetic, and it won't listen to an unperson.