Your issue might not be just the rogue employee leaking certificates, it sounds like you were sharing one Apple Developer account between multiple developers which is also against their T's & C's

Really every developer should have their own account and work on their own machine

If you were all using the one account on the same machine, then Apple has no way of telling who did what

> it sounds like you were sharing one Apple Developer account between multiple developers which is also against their T's & C's

Whether the case or not here (I don't know), taking a look at the big picture: Imagine if in the 90s Apple could come in to a software company and dictate what development practices and account management they must do to ship software for a Mac! Would've been instant outrage. Anyone was free to write and ship software however they liked. How low we have fallen to allow near-monopolies to dictate terms.

I think the earlier comment was asking about transparency about your product. What is it and exactly what does it do? And also what exactly did the rogue employee do?

Some of these detail might allow the community to decide if Apple is being unfair or there is actual cause for concern. We have so far seen a very one-sided story.