If you believe your Quidax Business account, API credentials, or webhook endpoint has been compromised, take the following steps immediately:

• Regenerate your API keys from the dashboard to revoke the compromised credentials.
• Review your webhook configuration and rotate your webhook signing secret.
• Enable or update IP whitelisting to restrict API access to trusted IP addresses only.
• Contact your Merchant Success manager immediately to report the incident.
• Review your transaction history for any unauthorised activity and document your findings.

Quidax will work with you to investigate the incident, identify its scope, and support any notifications required under applicable law.