If your API credentials are compromised you need to immediately contact Capture support. We will issue new credentials and the old API secret will be invalidated. Please note at this point all the request URLs generated using the old secret will stop working as the hash used to authorize the request will no longer be valid.