Urgent Inquiry Regarding Exposure of deleted API Key

Hello Team,

I'm writing with a pressing concern regarding a potential security oversight on my part.

I inadvertently published an RStudio Connect API key within a public Git repository, which was exposed for a week before being flagged. Immediately upon realization, I deleted the repository and the API key from our internal RStudio Connect server. I understand the gravity of the mistake and am committed to taking all necessary measures to ensure the safety and security of our data.

To that end, I would like to ascertain if there's a way to check if the API key was accessed or used by any unauthorized parties during the time it was exposed. Specifically:

  1. Is there a log or an audit trail within RStudio Connect that would show any access or actions taken using the API key during the specified period?
  2. Are there any best practices or immediate steps you recommend we take to further mitigate potential risks?

Thank you for your understanding and support.