It is quite definitely possible to retrieve the private key because reusig R implies you reused the secret nonce K, and reusing S just makes the calculation easier.
By plugging in numbers in
this post, and using the fact that r1 = r2, s1 = s2, you get:
H here represents the message hash.
the nonce k = (s2 - h2 + s1h1)(s1 - r1)
-1 mod n
= (s2-h2+s1h1)s1
-1 - (s2-h2+s1h1)r1
-1Which is just s2h1-h2s1 - s2r1
-1 +h2r1
-1+s1h1r1
-1.
Now that we have k, which is required to get the private key, we can change variables of the ECDSA equation s = k
-1(h
1 + r
1 d
A) to dA the private key (we don't have to use (h1,r1,s1); you can also use (h2,r2,s2) if you want).
dA the private key = (s1*k-h1)r1
-1 OR (s2*k-h2)r2
-1.