GoKawiilOur startup (Qcart) is currently facing a 100% production outage across multiple countries. AWS Trust & Safety restricted our account 18 hours ago due to an exposed circleci access key.
Timeline:
18+ hours ago: Received notification of exposed keys (linked to a circleci-eb user).
We deleted the IAM user and all associated keys. Confirmed remediation in the support case.
Current status: Total silence. Support agents keep saying "the specialized team is looking into it," but we have had zero updates while our business is dying.
We have already rotated all credentials and verified that no other unauthorized access exists. We are a small team and this 18-hour delay with no human response from the security team is devastating.
Does anyone at AWS have advice on how to get a human to actually review a resolved security flag?
Case ID: 177385077300217
Any help or visibility is greatly appreciated.