HeadlinesBriefing.com

Stolen Gemini API Key Costs $82K in 48 Hours

Hacker News

A stolen Google Cloud API key generated $82,314 in Gemini charges within 48 hours, according to developer Andras Bacsai. The key's normal monthly usage cost only $180, making this a 450x spike in billing. Bacsai discovered the breach when his usual cloud costs skyrocketed overnight.

The incident highlights the critical importance of securing API keys and implementing spending limits. Without billing caps, a compromised key can generate massive charges before the owner notices. Bacsai warns that such breaches can "bankrupt you overnight" if left unchecked.

This case serves as a stark reminder for developers to enable billing alerts and spending limits on all cloud API keys. The rapid accumulation of charges demonstrates how quickly malicious actors can exploit exposed credentials. Bacsai's experience underscores why proper key management and monitoring are essential security practices.