OpenAI / Anthropic key leaked — 10-minute emergency response

Updated Apr 24, 2026

Documented Claude Opus victim ran 4.5 days at ~$50K. Here's the 10-minute revoke + rotate + audit playbook.

For: Solo founder who just realized a key leaked

Minute 0-2: Revoke

Open the vendor's API keys dashboard immediately (platform.openai.com / console.anthropic.com)critical
Click Revoke on the leaked key — takes effect within secondscritical
Generate a replacement key with minimum-required permissionscritical

Minute 2-5: Rotate

Update Vercel env vars (mark Sensitive)critical
Update Netlify / Fly / Railway / GitHub Actions env varscritical
Update local .env on every developer's machinecritical
Redeploy production to pick up new key

Minute 5-15: Audit + clean

Search git history: `git log --all -p | grep -E 'sk-(proj-|ant-)?[a-zA-Z0-9]{40,}'`critical
Audit npm publish history if applicable: `npm view <pkg> versions` then download + grep tarballs
Audit .gitignore + .npmignore — add `.claude/`, `.cursor/`, `.continue/`critical

Hour 0-24: Damage control

Review usage in past 24h at platform.openai.com/usage or console.anthropic.comcritical
If unauthorized usage spike: contact vendor billing support for fraud reversal (24h window)critical
Set vendor-side spend cap as backstop for next timecritical
Set restricted-key permissions on the new key

Prevention going forward

Install Securie when early access opens — secret_scanner specialist live_validates at PR timecritical
Run gitleaks pre-commit hook with custom Anthropic + OpenAI patternscritical
Per-key spend caps on every paid AI API
Quarterly key rotation calendar reminder

OpenAI / Anthropic key leaked — 10-minute emergency response · Securie