A three-person startup that spends about $180 a month on Google Cloud got a bill for $82,314. The charges came in over 48 hours. Someone had stolen a Google API key and used it to run Gemini requests at scale. Google cited its shared responsibility model and told the developer to pay up.
Here's how this happened to roughly 2,863 other projects at the same time.
Keys that were never meant to be secrets
For years, Google told developers that certain API keys were safe to put in public code. Maps keys. Firebase keys. They were project identifiers, not secrets. Google's own docs said to paste them straight into your HTML. Developers did what they were told. Those keys are sitting in source code on millions of websites right now.
Then Google rolled out the Gemini API. When anyone on a Cloud project enabled it, every existing key on that project quietly gained access to Gemini endpoints. No notification. No prompt. No changelog entry. Keys that had been public for years were suddenly live credentials for a paid AI service.
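The practical defence against keys that are already public is to know where they are: a scan of your own source tree (or of each commit before it lands) for the shape Google API keys share. The following is an added example, not BeatMask's code and not anything from Google or Truffle Security. It relies on one well-known fact, that Google API keys are the string "AIza" followed by 35 characters from [0-9A-Za-z_-]; the sample HTML and diff, and the key inside them, are constructed and not real. Any hit should be followed by restricting that key's allowed APIs in Cloud Console, since the point of the story is that an old Maps or Firebase key can now reach Gemini.

```python
import re
import subprocess

# Shape shared by Google API keys (Maps, Firebase, Gemini, ...): "AIza" + 35 chars,
# 39 characters in total. Lookarounds instead of \b so a key ending in "-" or "_"
# next to punctuation is still caught.
GOOGLE_API_KEY_RE = re.compile(r"(?<![0-9A-Za-z_\-])AIza[0-9A-Za-z_\-]{35}(?![0-9A-Za-z_\-])")


def redact(key: str) -> str:
    """Keep enough of the key to find it in Cloud Console, never the whole value."""
    return key[:8] + "..." + key[-4:]


def find_google_api_keys(text: str) -> list:
    """Return every Google-style API key in `text`, with its 1-based line number."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in GOOGLE_API_KEY_RE.finditer(line):
            hits.append({"line": lineno, "key": m.group(0), "redacted": redact(m.group(0))})
    return hits


def added_lines_of_diff(diff: str) -> str:
    """Only lines being introduced ('+' lines, not the '+++' file header) matter for a
    pre-commit check; keys on '-' lines are being removed, which is what we want."""
    added = [l[1:] for l in diff.splitlines() if l.startswith("+") and not l.startswith("+++")]
    return "\n".join(added)


def scan_staged_changes() -> list:
    """Pre-commit use: run over what is about to be committed. Line numbers here index
    the added lines, not the file, so use the redacted key to locate the hit."""
    diff = subprocess.run(
        ["git", "diff", "--cached", "--unified=0"],
        capture_output=True, text=True, check=True,
    ).stdout
    return find_google_api_keys(added_lines_of_diff(diff))


# Constructed sample data (not a real key): "AIza" + 35 filler characters.
FAKE_KEY = "AIza" + "SyEXAMPLE" + "0" * 26
SAMPLE_HTML = (
    "<script>\n"
    "  // Firebase config pasted from the console, as the docs once suggested\n"
    f"  firebase.initializeApp({{ apiKey: '{FAKE_KEY}', projectId: 'demo-app' }});\n"
    "</script>\n"
)
SAMPLE_DIFF = (
    "--- a/index.html\n"
    "+++ b/index.html\n"
    "@@ -1 +1 @@\n"
    f"-  const key = 'AIzaOLD{'x' * 32}';\n"
    f"+  const key = '{FAKE_KEY}';\n"
)

if __name__ == "__main__":
    for hit in find_google_api_keys(SAMPLE_HTML):
        print(f"line {hit['line']}: Google API key {hit['redacted']}")
```

Wired into a pre-commit hook, a non-empty result from `scan_staged_changes()` is the signal to abort the commit. The regex only recognises the key format; it cannot tell whether a key is restricted or which APIs it can reach, so every hit still needs a look at the key's API restrictions in the Cloud project.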
2,863 exposed keys
Truffle Security found the problem. They scanned the web and confirmed 2,863 exposed keys that authenticate to Gemini right now. They reported it to Google in November 2025. Google's initial response: "intended behavior."
It took Truffle showing Google a vulnerable key on Google's own website before the severity got upgraded.
Billing alerts aren't circuit breakers
The developer who got the $82K bill had billing alerts turned on. But billing alerts are notifications, not circuit breakers. By the time the email arrived, the meter had been running for hours. Google hasn't forgiven the charges. The developer wrote on Reddit that if Google enforces even a fraction of the bill, the company goes under.
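A budget alert can be turned into an actual circuit breaker: Cloud Billing budgets can publish to a Pub/Sub topic, and a function subscribed to that topic can detach the project's billing account, which halts every paid API in the project at once. The code below is an added example written for this page, not the developer's setup and not code from Google, although the notification fields and the `updateBillingInfo` call follow the payload and API that Google documents. `GCP_PROJECT_ID`, the budget name and the sample amounts are assumptions or constructed values.

```python
import base64
import json
import os
from typing import Optional

# Hypothetical project id; a deployed function would take it from the environment.
PROJECT_ID = os.environ.get("GCP_PROJECT_ID", "example-project")


def parse_budget_notification(event: dict) -> dict:
    """Decode the base64 JSON payload a Cloud Billing budget publishes to Pub/Sub."""
    return json.loads(base64.b64decode(event["data"]).decode("utf-8"))


def should_cut_billing(notification: dict, hard_cap: Optional[float] = None) -> bool:
    """Trip only on actual spend reaching the budget (or an explicit hard cap).

    Budget messages carry 'alertThresholdExceeded' for actual-cost rules and
    'forecastThresholdExceeded' for forecast rules; a forecast alone should page
    a human rather than pull the plug, so it never trips the breaker here.
    """
    if "alertThresholdExceeded" not in notification:
        return False
    limit = hard_cap if hard_cap is not None else notification["budgetAmount"]
    return float(notification["costAmount"]) >= float(limit)


def disable_project_billing(project_id: str) -> None:
    """Detach the billing account from the project using the Cloud Billing API.

    The client import lives inside the function so the decision logic above can be
    tested offline; the service account running this needs permission to change
    the project's billing info.
    """
    from googleapiclient import discovery  # pip install google-api-python-client
    billing = discovery.build("cloudbilling", "v1", cache_discovery=False)
    name = f"projects/{project_id}"
    info = billing.projects().getBillingInfo(name=name).execute()
    if not info.get("billingEnabled"):
        return  # already detached; Pub/Sub may deliver the same message more than once
    billing.projects().updateBillingInfo(name=name, body={"billingAccountName": ""}).execute()


def handle_budget_event(event: dict, context=None, cut=disable_project_billing) -> bool:
    """Pub/Sub-triggered entry point. Returns True when billing was (or would be) cut."""
    notification = parse_budget_notification(event)
    if not should_cut_billing(notification):
        return False
    cut(PROJECT_ID)
    return True


def make_event(cost: float, budget: float, forecast: bool = False) -> dict:
    """Constructed sample event in the documented budget-notification shape."""
    rule_key = "forecastThresholdExceeded" if forecast else "alertThresholdExceeded"
    payload = {
        "budgetDisplayName": "monthly-cap",  # assumed budget name
        rule_key: 1.0,
        "costAmount": cost,
        "costIntervalStart": "2025-11-01T00:00:00Z",
        "budgetAmount": budget,
        "budgetAmountType": "SPECIFIED_AMOUNT",
        "currencyCode": "USD",
    }
    return {"data": base64.b64encode(json.dumps(payload).encode()).decode()}


if __name__ == "__main__":
    # Dry run against a constructed over-budget event; nothing touches a real project.
    print(handle_budget_event(make_event(cost=250.0, budget=200.0), cut=print))
```

Two caveats a practitioner would want: budget notifications are not instantaneous, so the breaker bounds the damage rather than preventing it, and detaching billing stops legitimate production traffic along with the abuse. It also treats the symptom; the exposed key itself still has to be restricted or rotated.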
The rules changed. The keys didn't. And nobody told the people holding them.
BeatMask catches API keys and credentials before they're submitted. On your device, before anything reaches a server.