Skip to main content
Question

Production Firebase project suspended 13 days for suspected credential exposure β€” no evidence of abuse, seeking guidance on appeal timing

  • June 3, 2026
  • 0 replies
  • 14 views
creatorconnect
Forum|alt.badge.img+1

Hi all,

Looking for advice from anyone who has navigated a "Hijacked Resource" suspension or has insight into typical Trust & Safety appeal timelines.

TL;DR: Production Firebase project (live consumer app) was suspended on May 21 for suspected credential compromise. I had unintentionally committed service account keys to a private repo (months ago) and it has only been pulled by 2 developers.Β Β Despite this exposure, my audit logs show no abusive activity, no foreign IP usage, and total billing for the month was about $1.99. I responded to the Trust & Safety follow-up on May 25 with a full remediation report. 13 days in, still no response. Console is locked behind the appeal screen.

What I've done:

  • Revoked all user-managed keys on affected service accounts via gcloud CLI (only SYSTEM_MANAGED keys remain)
  • Deleted exposed Gemini API keys in AI Studio
  • Purged credentials from version control history
  • Rotated third-party keys (payment processor and others in progress)
  • Reviewed 120 days of Admin Activity audit logs β€” no unauthorized principals, no unfamiliar IPs, no unauthorized resource creation
  • Drafted org policy to disable SA key creation and moved secrets to Secret Manager

What I'm trying to figure out:

  1. Has anyone seen a "Hijacked Resource" appeal take this long when there's no evidence of actual abuse in the logs?
  2. Is there a way to regain limited console access (specifically IAM and APIs & Services) to complete credential rotation while the appeal is pending? Right now I'm locked behind the appeal screen and can't fully audit/rotate from the UI.
  3. I may have hurt my case by submitting multiple appeals on May 21 as I discovered new information β€” has anyone seen this affect review timelines?
  4. Any guidance on appropriate escalation paths I haven't tried? I've filed a support case and a billing support case in addition to the appeals.

Business impact: This project supports a live music streaming app with active creators. Today is the 1st of the month and creators can't request payout through the suspended dashboard. Looking at manual payout processes in parallel, but reinstatement would obviously be the cleanest resolution.

Happy to share the full appeal response privately if anyone with Google contacts can help route this. Project ID available on request.

Thanks for any guidance.

Terms & ConditionsAccessibility statement
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.