“We go bankrupt:” stolen Gemini API key turns $180 monthly bill into $82K catastrophe, developer says


Just as researchers are ringing the alarm bells about thousands of exposed Google API keys, one small dev team is facing the worst-case scenario – an $82,000 bill.

A team of three developers in Mexico is facing an $82,314.44 bill, a 457-fold increase over their usual $180 charge, TechSpot reports.

“I am in a state of shock and panic right now. Between February 11th and 12th, our Google Cloud API Key was compromised (We don't know how, we didn't find an obvious mistake) and generated $82,314.44 in charges,” the unverified post on Reddit claims.

Cybernews attempted to contact the user with the moniker RatonVaquero, who posted the story, for confirmation, and will include their response.

The user claims that the unexpected charges consist almost entirely of Gemini 3 Pro Image and Gemini 3 Pro Text usage.

“I don't know what happened. As far as I know, the key was never exposed accidentally,” the user said.

“We never uploaded the key to GitHub.”

The developers complain that cloud giants provide no safeguards against catastrophic billing increases.

“We had basic alerts, but nothing that actually stopped usage. It just kept charging,” RatonVaquero said.

“Why are there no basic guardrails for catastrophic usage anomalies? No automatic hard stop at 5x or 10x historical usage. No forced confirmation on extreme spikes.”

The developer expressed concern that their company risks bankruptcy even if Google reduces their liability to a third of the total bill under Google Cloud’s Shared Responsibility Model, as it exceeds their bank account balance by “multiple times.”

Some other Redditors suggested simply declaring bankruptcy, though RatonVaquero responded that their personal card is “on the file.”

Cybernews reported that Google API keys have become far more sensitive credentials since the introduction of the Gemini API. Truffle Security researchers warned that thousands of Google API keys are exposed on websites and elsewhere, and that attackers can abuse them to rack up massive AI charges on unsuspecting account holders. Google said it has implemented proactive measures to detect and block leaked API keys that attempt to access the Gemini API.

