https://old.reddit.com/r/googlecloud/comments/1reqtvi/82000_in_48_hours_from_stolen_gemini_api_key_my

A small startup is confronting potential bankruptcy after unknown attackers exploited a compromised Google Gemini API key to rack up $82,314 in unauthorised charges over just 48 hours in mid-February 2026. The three-person development company, which typically spends around $180 monthly on Google Cloud services, saw a 46,000 percent cost increase when the attackers used the stolen key to consume large volumes of Gemini 3 Pro Image and Text services between February 11 and 12. Despite immediately deleting the compromised key, disabling the Gemini APIs, rotating credentials, and implementing additional security measures, the developer reported that Google’s support team cited Google’s shared responsibility model and indicated that the charges must be paid, threatening the startup’s very survival.

The incident appears to be part of a broader security vulnerability affecting thousands of Google Cloud users: cybersecurity firm Truffle Security discovered 2,863 live Google API keys exposed across millions of websites. The fundamental problem stems from the nature of Google API keys, which begin with the easily identifiable string “AIza” and were historically designed as public project identifiers rather than secret authentication credentials. Legacy API keys created years ago for services like Google Maps, where developers were instructed to embed keys directly into public HTML, have quietly gained new privileges to access Gemini services without any notification to key owners. Truffle Security researchers warned that anyone possessing one of these exposed keys can now access uploaded files and cached data, and can generate unlimited AI usage charges on the victim’s account.
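As an added example (not code from the Reddit post or from Truffle Security), a small scanner that finds keys of the “AIza” shape described above in page source or config and reports masked values and fingerprints rather than the keys themselves. It assumes the standard secret-scanner pattern for Google API keys (the prefix plus 35 characters from [0-9A-Za-z_-]); the sample HTML and the key in it are constructed.

```python
import hashlib
import re
from dataclasses import dataclass

# Google API keys have a fixed shape: the literal prefix "AIza" followed by
# 35 characters from [0-9A-Za-z_-] (39 characters total). The lookarounds stop a
# longer identifier that merely starts with the prefix from matching. The pattern
# tests shape only: every hit still has to be verified and rotated by its owner.
GOOGLE_API_KEY_RE = re.compile(r"(?<![0-9A-Za-z_-])AIza[0-9A-Za-z_-]{35}(?![0-9A-Za-z_-])")


@dataclass(frozen=True)
class Finding:
    path: str
    line_no: int
    masked: str        # display value like "AIzaSy...1"; the full key is never stored
    fingerprint: str   # short SHA-256 of the key, to correlate one key across many files


def fingerprint(key: str) -> str:
    """Stable, non-reversible identifier so findings can be deduplicated without logging keys."""
    return hashlib.sha256(key.encode()).hexdigest()[:12]


def scan_text(text: str, path: str = "<inline>") -> list[Finding]:
    """Return one Finding per key occurrence, line by line, without exposing the key."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in GOOGLE_API_KEY_RE.finditer(line):
            key = m.group(0)
            findings.append(Finding(path, line_no, f"{key[:6]}...{key[-1:]}", fingerprint(key)))
    return findings


def distinct_keys(findings: list[Finding]) -> int:
    """Number of different keys seen, regardless of how many places each appears in."""
    return len({f.fingerprint for f in findings})


# Constructed sample page with a fake key of the right shape (not a real credential),
# embedded the way legacy Maps integrations were told to embed them.
FAKE_KEY = "AIzaSy" + "FAKE" * 8 + "1"   # 39 characters
SAMPLE_HTML = f"""<!doctype html>
<script src="https://maps.googleapis.com/maps/api/js?key={FAKE_KEY}"></script>
<script>var cfg = {{ apiKey: "{FAKE_KEY}", tag: "AIzaNotAKeyJustAnIdentifier" }};</script>
"""

if __name__ == "__main__":
    hits = scan_text(SAMPLE_HTML, "index.html")
    for f in hits:
        print(f"{f.path}:{f.line_no}: {f.masked} (fingerprint {f.fingerprint})")
    print(f"{distinct_keys(hits)} distinct key(s) in {len(hits)} location(s)")
```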

Google initially dismissed Truffle Security’s vulnerability report in November 2025 as “intended behaviour”, but reversed course after researchers provided examples from Google’s own infrastructure showing the security gap. The company reclassified the issue from “Customer Issue” to “Bug” with upgraded severity and requested the list of exposed keys, though as of early February no concrete fix had been deployed. Google subsequently implemented proactive measures to detect and block leaked API keys attempting to access the Gemini API, and by late February claimed to have addressed the issue in collaboration with the researchers. The underlying architectural problem, however, extends beyond Google: organisations increasingly bolt AI capabilities onto existing platforms without anticipating how legacy credentials might gain dangerous new privileges, expanding an attack surface that was never considered when those authentication systems were originally designed.