Subscribe

API key breach triggers $82K Gemini bill for developer team

March 5, 2026 A small development company in Mexico says a compromised Google Cloud API key triggered more than $82,000 in unauthorized usage of Google’s Gemini AI services in roughly two days, a roughly 455-fold increase over their normal monthly costs. 

The developers say their API key was compromised between Feb. 11 and Feb. 12 and used to access Gemini 3 Pro Image and Gemini 3 Pro Text services at scale. Their typical monthly AI spending was about $180, but the spike generated a bill of approximately $82,314.44. The team says it has attempted to negotiate relief with Google but has not received a payment adjustment so far.

According to a representative from Google’s headquarters in Mountain View, customers using generative AI services are responsible for securing their own credentials under the platform’s Shared Responsibility Model. Under that framework, cloud providers operate the infrastructure, while users are expected to protect authentication keys and implement safeguards against misuse.

The developers say they were unaware of any obvious operational error and only discovered the issue after the surge in usage. They responded by deleting exposed keys, disabling Gemini API access and enabling two-factor authentication across their accounts, and they opened a support request with Google.

One of the developers described the billing spike on Reddit and argued that cloud providers should introduce stronger protections against extreme usage anomalies. “A jump from $180/month to $82k in 48 hours is not ‘normal variability.’ It is obvious abuse,” the developer wrote.

The team has been seeking advice from the developer community while trying to determine how the key was exposed. Some online discussions have suggested the credential may have been uploaded to a public repository, though the developers dispute claims that the key was knowingly exposed.

The incident also reflects an operational risk for startups building on usage-based AI services. Generative AI APIs can scale quickly and so can the associated costs, making credential security and monitoring critical controls for development teams with limited financial buffers.

Top Stories

Check Point launches Canada-only security region to meet rising data residency demands

OpenAI amends Pentagon deal after backlash over surveillance concerns

QuitGPT: OpenAI faces consumer backlash after DoD deal

Bell, Telus withdraw CRTC complaints over network sharing

eBay cutting 800 jobs amid strategic realignment

U.S. Pentagon presses Anthropic to lift AI use restrictions

Related Articles

Check Point launches Canada-only security region to meet rising data residency demands

March 5, 2026 Check Point Software on Wednesday launched a dedicated Canada data region for its CloudGuard Web Application Firewall more...

Drone strikes hit AWS data centres in UAE

March 4, 2026 Two Amazon Web Services data centres in the United Arab Emirates were “directly struck” by drones over more...

OpenAI developing GitHub rival after service disruptions 

March 4, 2026 OpenAI is developing an internal code-hosting platform that could compete with Microsoft-owned GitHub, according to a report more...

Accenture acquires Ziff Davis Connectivity division in $1.2B deal

March 4, 2026 Ziff Davis has agreed to sell its Connectivity division, including Ookla’s Speedtest and Downdetector, to Accenture for more...

Picture of Staff Writer

Staff Writer

Picture of Staff Writer

Staff Writer

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.