Probably not an isolated incident only as researchers have already found 2,863 live API keys exposed

A developer says their company is on the hook for more than $82,000 in unauthorized charges after a stolen Google Gemini API key racked massive usage costs up in just 48 hours.…
Cybersecurity is on top level. Not only haven’t they secured their key, they haven’t even set the software to alert on sudden spikes in API activity for this key in their environment, assuming that it took 2 days for them to notice such enormous spending.
They also apparently didn’t set a limit.
I expect such cases will continue to be more common as slop code worms its way into the market.



