Urgent: GCP Project Suspended for Resource Hijacking - Unable to Access IAM to Rotate Leaked Keys

I am also having this problem of suspension for resource hijacking and charges in Google cloud 5500 rupees 

Try Google Admin Toolbox: Recovery Form 

I have been waiting for 3 weeks now, it is not acceptable, and will never recommend Google for anyone.

​@Kragekjaer ​@rakesh.shrestha 

After 3 weeks without any reply I got a email to the Google Cloud Console Appeal Notification email, where they asked if I can describe the problem and what steps I took — something I already included in the original appeal.

So now I’ve waited 3 weeks to give Google the same information, and now I guess I have to wait a few more weeks to get a reply to this email.

Any luck for someone else here?

This is very frustrating.

I would pay money to get help on this. 

I agree. This is unacceptable, and unnacceptable to have no recourse to fix ANYTHING look at logs etc. due to getting redirected to appeals page. Even the “Read More” link on the console on the suspension appeal page redirects to the suspesion appeal page. Beyond messed up and ironically means basically google hijacked my project.

Yes, there is a paid support option, and it was the only way I managed to get this resolved. I upgraded to Standard Support (which starts at around $29/month).

Hello,

I am seeking assistance with a project suspension that has now exceeded the standard review window. My project, MindfulFlow (id: mindfulflow-613bc), was suspended due to an API key compromise that resulted in unauthorized activity.

Case Details:

Appeal Case ID: [removed by moderator]

Initial Suspension Date: April 21, 2026

Last Communication from Google: April 24, 2026 (Request for additional information)

Status: My detailed response was sent on April 24, but I have received no update since.

Remediation Steps Taken:

Key Revocation: I have already revoked the compromised Gemini API key.

Architecture Fix: I have identified that the compromise occurred because the key was embedded in the Android client. I am migrating the app to use Vertex AI for Firebase with App Check to ensure no keys are exposed in the future.

Security Commitment: I have committed to routing all AI requests through Firebase's secure infrastructure.

My app is currently live on the Play Store, and this prolonged suspension is significantly impacting my users. Could a Community Manager please help escalate this case to the Trust & Safety team for a human review?

Thank you for your time and help.

I just want to inform that my issue was resolved. And according to Google Support the problem was that Gemini API had been misused by an unknown person to generate a lot of images. I disabled the Gemini API, revoked the API keys of course and the issue is now resolved. I’ve heard that from more users that the issue is in fact Gemini API in most cases - so if you have that activated, please make sure that you disable it ASAP.

Yes that was the first thing that I did technically I have resolved it immediately but the cloud console dashboard and my firebase database are still blocked after I have explained everything to detail and next steps that I will take but I can not do that because I cant get to the console. :(

Hi, where did you do this? I can’t find it and the console is only showing the appeal form. Thanks!

Hi,
I am facing the same issue - account suspended due to hijacked resources. Submitted an appeal but no response since 3 weeks.

I have been trying to upgrade to a standard support plan but I am unable to. 
I tried via the sign up button on support page but I keep on coming across the “request an appeal” page and i also tried contacting the sales rep via chat and they told me they cannot upgrade me to standard plan via chat, they can only upgrade to premium plan which is $15k/month. 

How did you upgrade your plan? Please if you can help me