Google Cloud Platform project suspended

Google Cloud Cloud Foundations & Onboarding
, , , ,
1

Hello,

I’ve received an email from Google saying they were suspending my project due a violation of Terms of Service by mining cryptocurrency. First time I hear about mining cryptocurrency! Right after that the access to my project was blocked. I has been over 5 days and we have been desperately trying to contact Google but don’t get any replies at all. We sent an Appeal explaining the details of our project, emails and nothing.

The project is a database server using no Google API other than it being an SQL instance. The activity on this server naturally includes and is only limited to, read/write database data, backup database data, and being accessed from another server. If there is any activity that differs from the above, we can only conclude that there might have been unauthorized access to the project. In that case, please tell us what they have accessed the database through so we can do steps to block such activity.

The suspension of the project has caused a system outage that is affecting our production application, which has more than 2,000 Stores. And we don’t have that data backup anywhere else.
Due to the emergency of the situation, please let us know as soon as possible if the project can be reinstated, or if it needs more information before it can be restored.

Can Google completely shut down the access to the account? Wouldn’t it make more sense for them to just disable the account to start the servers until the issue is resolved? which clearly is a mistake, unless our server has been hacked.

Is there any other way to contact Google? (that we can actually get a response)… Everyone is blaming me, because Google Cloud was my choice for these tests. I never thought something like this could happen.

Thank you!
Anna

2

Hi,

  1. Yes, they can , due to Terms of Service

"4. Suspension.

4.1 AUP Violations. If Google becomes aware that Customer’s or any End User’s use of the Services violates the AUP, Google will notify Customer and request that Customer correct the violation. If Customer fails to correct the violation within 24 hours of Google’s request, then Google may Suspend all or part of Customer’s use of the Services until the violation is corrected."

based on

" 3.3 Restrictions. Customer will not, and will not allow End Users to, (a) copy, modify, or create a derivative work of the Services; (b) reverse engineer, decompile, translate, disassemble, or otherwise attempt to extract any or all of the source code of, the Services (except to the extent such restriction is expressly prohibited by applicable law); (c) sell, resell, sublicense, transfer, or distribute any or all of the Services; or (d) access or use the Services (i) for High Risk Activities; (ii) in violation of the AUP; (iii) in a manner intended to avoid incurring Fees (including creating multiple Customer Applications, Accounts, or Projects to simulate or act as a single Customer Application, Account, or Project (respectively)) or to circumvent Service-specific usage limits or quotas; (iv) to engage in cryptocurrency mining without Google’s prior written approval; (v) to operate or enable any telecommunications service or in connection with any Customer Application that allows End Users to place calls or to receive calls from any public switched telephone network, unless otherwise described in the Service Specific Terms; (vi) for materials or activities that are subject to the International Traffic in Arms Regulations (ITAR) maintained by the United States Department of State; (vii) in a manner that breaches, or causes the breach of, Export Control Laws; or (viii) to transmit, store, or process health information subject to United States HIPAA regulations except as permitted by an executed HIPAA BAA."

2. For contact, you can choose https://cloud.google.com/contact/ one of them ( maybe it will help ), or this https://cloud.google.com/support/billing ( at least somebody should reply ).

3. It’s not your fault that you’ve choose Google Cloud. All of big hyperscalers have this kind of restrictions.
4. Even if your env has been attacked and hacked, this is YOUR responsibility to prevent those kind of attacks (at data layer ofc) Vendor ensure security at low level infra, like physical servers, or network like DDoS prevention etc, but you should secure your VMs, load and SQL DBs.
4. Good advice, if you have 2k stores, and medium or large env, it would be good to start doing backups :wink:

cheers,
DamianS

1 Like