My production project is down and suspended for 48h now with no prior notice and no reply for my appeal request. Not sure what to do. We are facing a huge loss. I have audited all my code for any security leak and it is clean. Not sure what happened.
URGENT: Project ZIP-NEW (zip-new-141ba) Suspended for Hijacking - No Response to Appeal after 48h.
Hello ak3696,
I understand the urgency of your situation. A 48-hour production outage without a response is a severe bottleneck. Because "Hijacking" flags usually involve high-risk security triggers, standard appeals can sometimes take longer to process manually.
To expedite your recovery, please follow these steps immediately:
1. Escalate via Official Support Channels
Paid Support: If you have a Basic, Enhanced, or Premium support plan, do not wait for the appeal. Open a Priority 1 (P1) case through the Google Cloud Console Support Hub.
Billing Support: If you cannot access the technical support console, file a ticket through the Billing Support Form. Billing teams often have a faster path to reaching the Trust & Safety team.
2. Perform an "Out-of-Band" Security Audit
While you mentioned the code is clean, hijacking often occurs at the IAM (Identity and Access Management) level rather than the code level. Verify the following:
Service Account Keys: Check if any JSON keys were accidentally committed to public repositories (e.g., GitHub).
Unauthorized Instances: Check your Billing Export (if available) for unexpected usage in foreign regions, which often indicates the project was used for unauthorized mining or DDoS.
3. Refine Your Appeal (If you get a follow-up)
When you receive a response, provide a Remediation Statement. Google is more likely to reinstate a project if they see you have closed the hole. For example:
"We have audited all IAM roles, rotated all Service Account keys, and enabled MFA for all project owners. We have identified the potential leak point and restricted API access to prevent recurrence."
4. Public Escalation
If you still receive no response within the next few hours, consider posting your Case ID and Project ID on the Google Cloud Community Slack or tagging @GoogleCloudTech on X (Twitter). Google Cloud Advocates often monitor these channels for critical production-down issues.
Global Opifex Pro-Tip for Recovery:
If the suspension persists, your fastest route to restoration may be deploying your Infrastructure as Code (Terraform/Pulumi) into a temporary new GCP Project under a different billing account to get your services back online while the original project is under review.
Stay persistent—human intervention is usually required for hijacking flags to be cleared.
Login to the community
Login with SSO
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.