Natalia Khandusenko, AI Eng
3 March 2026, 18:13
Stolen Gemini API key turned $180 account into $82,000 in just two days
A Mexican startup with three developers was billed 455 times more for AI than usual. The reason was a stolen API key that gave attackers mass access to Google Gemini. The small company tried to settle the matter with Google, hoping to get a write-off, but the tech giant refused to review the bill before it was paid.
One of the affected developers shared details of the incident on Reddit. According to the post, a Google Cloud API key was compromised between February 11 and 12. The attackers mostly used it to access the Gemini 3 Pro Image and Gemini 3 Pro Text services.
The startup typically spends about $180 a month on AI services, but the unauthorized use resulted in a bill of $82,314.44. The developers say they were working on a shoestring budget, hoping their product would eventually become profitable. They fear that even if they were forced to pay just a third of that amount, such costs could still bankrupt the business.
A spokesperson for Google, headquartered in Mountain View, said that customers using generative AI services are responsible for protecting their own credentials under the platform's Shared Responsibility Model. Under this framework, users are expected to implement appropriate security measures, and the service provider is not responsible for abuse resulting from compromised authentication keys.
The developers said they did not consider their operational error to be “obvious.” After discovering the key compromise, they attempted to secure their system by deleting the keys that had been exposed, disabling access to the Google Gemini API, and enabling two-factor authentication for all accounts. They also opened a ticket with Google support, but say they have not yet received any effective resolution.
One developer on Reddit added that cloud providers should implement stronger protection against anomalous account activity. He suggested that platforms automatically suspend services or require payment confirmation when spending reaches critical thresholds, noting that there are currently no mechanisms that force such confirmation during sudden traffic spikes.
“A jump from $180 a month to $82,000 in 48 hours is not a ‘natural fluctuation.’ This is obvious abuse,” the IT expert said.
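A minimal form of the spending kill switch the developer proposes, written here as an added example (it is not code from the article, the startup or Google): it replays a constructed usage log against the startup's $180/month baseline, raises an alert on the first hour whose cost runs ten times the normal pace, and suspends the key once cumulative spend passes a hard cap. The 10x and two-months-of-spend thresholds, the key and model names, and the log itself are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Only the $180/month baseline comes from the article; the two thresholds are assumed.
BASELINE_MONTHLY_USD = 180.0
BASELINE_HOURLY_USD = BASELINE_MONTHLY_USD / (30 * 24)   # about $0.25 per hour
ALERT_MULTIPLIER = 10.0                   # assumed: alert when an hour costs 10x the usual pace
HARD_CAP_USD = 2 * BASELINE_MONTHLY_USD   # assumed: suspend the key at 2x a normal month's spend


@dataclass(frozen=True)
class UsageEvent:
    ts: datetime
    key_id: str
    model: str
    cost_usd: float


def evaluate(events, window: timedelta = timedelta(hours=1)):
    """Replay billed events in time order and return (decisions, spend at stop).

    Each decision is (timestamp, action, reason); replay stops at the first
    'suspend' because a disabled key can no longer run up charges."""
    decisions, recent, cumulative, alerted = [], [], 0.0, False
    pace_limit = ALERT_MULTIPLIER * BASELINE_HOURLY_USD * (window / timedelta(hours=1))
    for ev in sorted(events, key=lambda e: e.ts):
        cumulative += ev.cost_usd
        recent = [r for r in recent if ev.ts - r.ts <= window] + [ev]   # trailing window
        window_spend = sum(r.cost_usd for r in recent)
        if window_spend > pace_limit and not alerted:       # sudden traffic spike
            alerted = True
            decisions.append((ev.ts, "alert", f"{ev.key_id}: ${window_spend:.2f} in {window} vs ${pace_limit:.2f} limit"))
        if cumulative > HARD_CAP_USD:                        # spending kill switch
            decisions.append((ev.ts, "suspend", f"{ev.key_id}: ${cumulative:.2f} cumulative exceeds ${HARD_CAP_USD:.2f} cap"))
            break
    return decisions, cumulative


def sample_events():
    """Constructed usage log: a quiet day on the app's key, then a burst from the leaked key."""
    t0 = datetime(2026, 2, 11)
    quiet = [UsageEvent(t0 + timedelta(hours=h), "key-app", "gemini-3-pro-text", 0.25) for h in range(20)]
    burst = [UsageEvent(t0 + timedelta(hours=20, minutes=m), "key-app", "gemini-3-pro-image", 12.0) for m in range(60)]
    return quiet + burst


if __name__ == "__main__":
    for ts, action, reason in evaluate(sample_events())[0]:
        print(ts.isoformat(), action.upper(), reason)
```

On the constructed log the alert fires on the first minute of the burst and the suspend decision lands 29 minutes later at $365 of cumulative spend, which is the contrast with the $82,314.44 the article reports that the proposal is about.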
The Mexican team sought advice from the online developer community. Some experts warned against over-reliance on resource-intensive services such as the Gemini family of generative AI APIs. There were also conflicting claims about whether the developers themselves had uploaded the compromised key to public repositories (such as GitHub), a question that goes to the heart of Google’s “Shared Responsibility Model.” The developers later denied claims that the key was left publicly available intentionally.
Before the introduction of modern authentication methods in generative AI services, some legacy API systems were considered more vulnerable to hacking. The developers believe that this case will help draw attention to the broader security and billing protection issues in cloud computing environments. They have also reportedly filed a complaint with the Federal Bureau of Investigation (FBI).