Blog · March 3, 2026

A Stolen Gemini API Key Turned a $180 Bill Into $82,000

A developer went from a $180 monthly Gemini bill to owing Google $81,820 in 48 hours. The cause? A leaked API key and no spending cap to stop the bleeding.

The story went viral on X this week, racking up 2.8 million views and prompting a direct response from Google. It's a cautionary tale about API key security — but also about a gap in Google Cloud's billing controls that doesn't exist at other major providers.

What happened

According to the original thread, the developer's Google Cloud API key was compromised between February 11 and February 12, 2026. Attackers used the stolen key to hammer Gemini 3 Pro Image and Gemini 3 Pro Text services.

The timeline is brutal:

  • Before the attack: ~$180/month typical usage
  • 48 hours later: $81,820 in charges
  • Per-hour burn rate: ~$1,700

That's a 454x spike in two days. By the time the developer noticed, the damage was done.

Why Google Cloud is different

Here's what makes this story worse than a typical credential leak: Google Cloud doesn't offer hard spending caps on API usage.

When users in the thread suggested "just set a budget limit," the developer responded with a screenshot showing Google's billing alert settings. Google lets you set alerts when you hit a spending threshold — but it won't automatically stop charges from accumulating.

This is fundamentally different from other providers:

Provider                 Hard spending cap?   Notes
OpenAI                   Yes                  Set a hard limit; API stops when reached
Anthropic                Yes                  Monthly spend limit enforced at API level
AWS Bedrock              Partial              Budget actions can trigger Lambda to revoke access
Google Cloud (Gemini)    No                   Alerts only; no automatic cutoff

With OpenAI or Anthropic, a leaked key hitting a $500 cap stops at $500. With Google Cloud, it stops when the attacker stops — or when you notice and revoke the key manually.

Google's response

The viral thread got Google's attention. Logan Kilpatrick, who leads Gemini developer relations, replied directly:

"New hard caps experiment for the Gemini API should roll out targeting March 12, we have been sprinting to get this done to give devs more spend control and peace of mind!"

That's good news for future users — but it doesn't help anyone who got hit before the feature exists. The developer in this case is presumably still on the hook for the $82K.

The math on what went wrong

Let's reverse-engineer what the attacker was doing. Gemini 3 Pro pricing:

  • Input: $1.25 per 1M tokens
  • Output: $5.00 per 1M tokens
  • Images: Variable, but adds up fast

At $81,820 over 48 hours with mixed text/image workloads, the attacker was likely running:

  • ~10-15 million tokens per hour (text)
  • Thousands of image generation/analysis requests
  • Possibly multiple concurrent processes maxing out rate limits

This wasn't casual abuse — it was industrial-scale extraction. The attacker knew exactly how to maximize throughput before the key got revoked.

How to protect yourself

Until Google's hard caps ship (and even after), here's what actually works:

1. Never commit API keys to code. Use environment variables or secret managers. The most common leak vector is still accidental commits to public repos.

2. Rotate keys regularly. If you haven't rotated your Gemini API key in months, do it today. Old keys have more exposure time.

3. Restrict key permissions. Google Cloud lets you scope API keys to specific services and IP ranges. A key that only works from your production servers can't be abused from an attacker's machine.

4. Monitor in real time. Google's billing alerts have a delay. By the time you get an email, you might already be $10K deep. You need faster visibility.

5. Set up automated responses. Until hard caps exist, you can rig up a Cloud Function that revokes API keys when spend spikes. It's not pretty, but it works.
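Steps 4 and 5 call for fast visibility and an automated response but leave the decision rule open. The following is an added example (my code, not the post's and not anything Google ships) that turns the post's own numbers, the $180/month baseline and the Gemini 3 Pro per-token prices from the section above, into a burn-rate detector that a request proxy or Cloud Function could evaluate per request before deciding to delete the key. The 10-minute window and 10x multiplier are assumptions, and the traffic in simulate() is constructed.

```python
from collections import deque
from datetime import datetime, timedelta

# Gemini 3 Pro text prices quoted in the post, USD per 1M tokens.
PRICE_IN_PER_M, PRICE_OUT_PER_M = 1.25, 5.00


def request_cost(input_tokens: int, output_tokens: int) -> float:
    """Dollar cost of one text request at the quoted Gemini 3 Pro rates."""
    return (input_tokens * PRICE_IN_PER_M + output_tokens * PRICE_OUT_PER_M) / 1_000_000


class BurnRateMonitor:
    """Projects the last `window_minutes` of spend to an hourly rate and trips when it
    exceeds `multiplier` x the normal baseline: detection in minutes, not at the next
    billing e-mail. A kill switch (step 5) would delete the API key when record() is True."""

    def __init__(self, baseline_monthly_usd, window_minutes=10, multiplier=10.0):
        self.baseline_hourly = baseline_monthly_usd / (30 * 24)  # $180/month -> ~$0.25/hour
        self.window = timedelta(minutes=window_minutes)  # assumed window, tune to your traffic
        self.multiplier = multiplier  # assumed trip factor, tune to your traffic
        self.events = deque()  # (timestamp, usd) pairs still inside the window
        self.window_total = 0.0

    def record(self, ts: datetime, usd: float) -> bool:
        """Add one request's cost; True means the kill switch should fire now."""
        self.events.append((ts, usd))
        self.window_total += usd
        while self.events and ts - self.events[0][0] > self.window:  # evict stale entries
            self.window_total -= self.events.popleft()[1]
        return self.projected_hourly() > self.multiplier * self.baseline_hourly

    def projected_hourly(self) -> float:
        return self.window_total * (timedelta(hours=1) / self.window)


def simulate() -> dict:
    """Constructed traffic: 10 minutes of normal use, then a hijacked-key burst."""
    mon = BurnRateMonitor(baseline_monthly_usd=180.0)
    t0 = datetime(2026, 2, 11, 0, 0)
    normal = [mon.record(t0 + timedelta(minutes=m), request_cost(2_000, 500)) for m in range(10)]
    tripped_after = None
    for s in range(600):  # attacker: one 50k-in / 10k-out request every second
        if mon.record(t0 + timedelta(minutes=10, seconds=s), request_cost(50_000, 10_000)):
            tripped_after = s
            break
    return {"normal_tripped": any(normal), "attack_tripped_after_s": tripped_after,
            "projected_hourly_usd": round(mon.projected_hourly(), 2)}
```

With these settings the constructed normal traffic never trips, while the burst is flagged within a few seconds, long before a daily billing alert would have fired.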

The bigger picture

This incident highlights a growing problem with usage-based AI pricing: the upside for developers (pay only for what you use) becomes a liability when usage is out of your control.

The $82K bill isn't just a security story. It's a reminder that API economics cut both ways. The same pricing model that lets you scale affordably also lets an attacker scale your bill exponentially.

Google's upcoming hard caps will help. But the broader lesson is that any production AI deployment needs spend monitoring as a first-class concern — not an afterthought.

If you're running Gemini, Claude, or GPT in production, we built MarginDash to track exactly this. Real-time cost visibility across every provider, with alerts that trigger before you're five figures deep.
