Google Cloud users report API key abuse leading to massive AI bills

May 15, 2026

Several Google Cloud customers say their API keys were compromised and used to run expensive AI workloads, resulting in unexpected bills worth tens of thousands of dollars. In multiple cases, users report that automated systems increased their spending limits to as much as $100,000, allowing the charges to continue despite pre-set budget caps.

The incidents follow a consistent pattern described across developer forums and social platforms. Accounts that previously generated small monthly charges, often for services like Google Maps, were suddenly hit with rapid spikes in usage tied to high-cost AI models such as video and image generation tools. In some cases, thousands of dollars were charged within minutes.

Google maintains that the issue is not specific to its platform, describing it as an industry-wide problem linked to compromised credentials. The company says most incidents stem from API keys being exposed in public code repositories or misconfigured environments, where attackers can scrape and exploit them. It advises developers to use multi-factor authentication, restrict API usage, and avoid embedding credentials in public-facing code.

However, some developers say they were following official guidance. Historically, Google recommended embedding certain API keys, particularly for Maps, directly in client-side applications. Security researchers now warn that changes to Google’s platform expanded the scope of what those keys could access, including newer AI services, without clearly isolating permissions.

One such case involved a developer whose application relied on Google Maps. After years of stable, low-cost usage, the account was suddenly billed thousands of dollars for AI services unrelated to the product. The charges were traced to video and image generation APIs, which had been accessed using the same publicly exposed key. Despite raising the issue, the developer said Google found no evidence of fraud and declined to issue a refund.

Security researchers have identified a broader exposure risk. Analysis of publicly available code found thousands of API keys – many originally intended for Maps – still accessible online and capable of interacting with newer AI services. These keys often follow identifiable patterns, making them easier to locate and exploit at scale.

Budget controls have also come under scrutiny. Some affected users had set strict spending caps, expecting them to limit exposure. Instead, those caps were automatically raised as usage increased. According to Google, accounts can be upgraded to higher spending tiers once they meet certain criteria, such as exceeding $1,000 in total usage and maintaining an active account for more than 30 days. Higher tiers can allow spending limits between $20,000 and $100,000.

This automatic scaling is designed to support legitimate growth in usage, but in cases of unauthorized access, it can amplify financial impact. Developers say the system allowed attackers to escalate costs rapidly before intervention was possible.

Response times have added to the frustration. Some users report delays of up to 36 hours before detailed usage data becomes visible through support channels. During that window, identifying the source of the activity or stopping further charges can be difficult.

Google says it has introduced additional safeguards. New API key types have been separated to prevent cross-access between services, and restrictions are now required when creating keys. The company also emphasizes applying service-specific limitations, such as binding keys to particular APIs or restricting usage by IP address or domain.
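
The service-specific restrictions described above can be checked across a project's key inventory. The following is an added example, not code from Google or from this article; it assumes key metadata shaped like the API Keys API's Key resource, and the sample keys and the `AI_SERVICES` set are constructed for illustration.

```python
import json

# Constructed sample, shaped like Key resources from the API Keys API
# (e.g. `gcloud services api-keys list --format=json`); all values are made up.
SAMPLE_KEYS = json.loads("""
[
  {"displayName": "maps-web-legacy"},
  {"displayName": "maps-web",
   "restrictions": {
     "apiTargets": [{"service": "maps-backend.googleapis.com"}],
     "browserKeyRestrictions": {"allowedReferrers": ["https://example.com/*"]}}},
  {"displayName": "backend-mixed",
   "restrictions": {
     "apiTargets": [{"service": "maps-backend.googleapis.com"},
                    {"service": "generativelanguage.googleapis.com"}],
     "serverKeyRestrictions": {"allowedIps": ["203.0.113.10"]}}}
]
""")

# Assumption: the services this project treats as high-cost AI APIs.
AI_SERVICES = {"generativelanguage.googleapis.com"}
APP_RESTRICTIONS = ("browserKeyRestrictions", "serverKeyRestrictions",
                    "androidKeyRestrictions", "iosKeyRestrictions")

def audit_key(key):
    """Return the restriction gaps found on one key."""
    findings = []
    restrictions = key.get("restrictions") or {}
    targets = {t.get("service") for t in restrictions.get("apiTargets", [])}
    if not targets:
        findings.append("no API restriction: usable with every enabled API")
    elif targets & AI_SERVICES and targets - AI_SERVICES:
        findings.append("shares AI and non-AI services on one key")
    if not any(restrictions.get(name) for name in APP_RESTRICTIONS):
        findings.append("no application restriction (referrer, IP or app)")
    return findings

def audit(keys):
    """Map each key's display name to its findings, omitting clean keys."""
    report = {k.get("displayName", "<unnamed>"): audit_key(k) for k in keys}
    return {name: f for name, f in report.items() if f}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_KEYS).items():
        for finding in findings:
            print(f"{name}: {finding}")
```

A key that appears in the report is a candidate for rotation or for splitting into one key per service before it is used in client-side code.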



Jim Love

Jim is an author and podcast host with over 40 years in technology.
