Probably not an isolated incident either, as researchers have already found 2,863 live API keys exposed
A developer says their company is on the hook for more than $82,000 in unauthorized charges after a stolen Google Gemini API key racked up massive usage costs in just 48 hours.
"I am in a state of shock and panic right now," the dev wrote on Reddit, and went on to detail how his startup's Google Cloud API key was somehow compromised between February 11 and February 12. During that time, unknown miscreants used the key to spend $82,314.44, primarily on Gemini 3 Pro Image and Gemini 3 Pro Text.
This is quite a cost jump, considering the three-developer, Mexico-based company usually spends $180 a month: an increase of about 46,000 percent.
After deleting the compromised key, disabling the Gemini APIs, rotating credentials, and taking other security precautions, the developer says he opened a support case with Google and got nowhere.
A Google representative allegedly cited the company’s shared responsibility model – Google secures its platform and users must secure their own tools – and said the Chocolate Factory had to charge the developer for the unauthorized API costs.
This, the dev wrote, "really worries me. If Google attempts to enforce even a third of this amount, our company goes bankrupt. We are barely surviving and hoping one of our products work."
It looks like he may not be alone in his worries – or in experiencing API key compromise.
...read more at theregister.com
Limits anyone?
I'm not sure if I get your question, but I think a customizable spending limit is a basic feature. I don't know if Google has it or if the dev just didn't set it up.
Exactly. I'm quite sure that every Google billing feature supports both budgeting per function/project/org unit and per-key/user overall call quotas. You have to set these up of course.
I think that the main issue here though isn't in user space; it's that Google has too permissive a default policy.
It shouldn't be on purpose! ~lol
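The spending-limit point raised in the comments above can be checked against billing data rather than discovered from an invoice. The following is an added example, not code from the article, from Google, or from any commenter: it replays constructed daily spend records (scaled to the roughly $180/month baseline the article reports) and flags any day whose total exceeds either a hard daily cap or a multiple of the median daily spend, naming the key responsible. The record fields, key ids, and both thresholds are assumptions.

```python
"""Spend-spike detector over per-key daily billing records.

Added example (not the article's or Google's code). The records below are
constructed; key ids and thresholds are assumptions chosen for illustration.
"""
from dataclasses import dataclass
from statistics import median


@dataclass(frozen=True)
class SpendRecord:
    day: str         # ISO date of the billing day
    api_key_id: str  # hypothetical identifier of the key that incurred the cost
    usd: float       # cost attributed to that key on that day


# Constructed data: a ~$6/day baseline (about $180/month, as in the article)
# on the production key, then two days of runaway usage on that same key.
SAMPLE_RECORDS = [
    SpendRecord("2026-02-04", "key-prod-01", 5.8),
    SpendRecord("2026-02-05", "key-prod-01", 6.1),
    SpendRecord("2026-02-06", "key-prod-01", 6.0),
    SpendRecord("2026-02-07", "key-prod-01", 5.9),
    SpendRecord("2026-02-07", "key-dev-02", 0.4),
    SpendRecord("2026-02-08", "key-prod-01", 6.2),
    SpendRecord("2026-02-09", "key-prod-01", 6.0),
    SpendRecord("2026-02-10", "key-prod-01", 6.1),
    SpendRecord("2026-02-11", "key-prod-01", 40000.0),
    SpendRecord("2026-02-12", "key-prod-01", 42314.44),
]


def daily_totals(records):
    """Sum spend per day across all keys, returned in date order."""
    totals = {}
    for r in records:
        totals[r.day] = totals.get(r.day, 0.0) + r.usd
    return dict(sorted(totals.items()))


def baseline_daily_spend(records):
    """Median daily spend; the median is robust to the very spike we want to catch."""
    return median(daily_totals(records).values())


def detect_spend_spikes(records, multiplier=5.0, hard_cap_usd=50.0):
    """Return one alert per day whose total exceeds the larger of a hard cap
    and `multiplier` times the baseline, attributing it to the top-spending key."""
    threshold = max(hard_cap_usd, multiplier * baseline_daily_spend(records))
    alerts = []
    for day, usd in daily_totals(records).items():
        if usd <= threshold:
            continue
        by_key = {}
        for r in records:
            if r.day == day:
                by_key[r.api_key_id] = by_key.get(r.api_key_id, 0.0) + r.usd
        alerts.append({
            "day": day,
            "usd": round(usd, 2),
            "threshold": round(threshold, 2),
            "top_key": max(by_key, key=by_key.get),
        })
    return alerts


def percent_increase(baseline_usd, observed_usd):
    """Percentage increase of an observed bill over a baseline bill."""
    return (observed_usd - baseline_usd) / baseline_usd * 100.0


if __name__ == "__main__":
    for alert in detect_spend_spikes(SAMPLE_RECORDS):
        print(alert)
    # Article figures: $180/month baseline vs $82,314.44 in two days.
    print(f"{percent_increase(180.0, 82314.44):.0f}% increase")
```

A real deployment would feed this from the provider's billing export and page someone on the first alert; the useful property is that a median baseline plus a hard cap still fires on day one of a spike, when the damage is a fraction of the two-day total.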
I just checked and you can see all your active Google org API keys in https://console.cloud.google.com/apis. Might be a good idea to remove ones you don't use anymore... and put 2FA on your admin account. And not run fucking clawdbot on something that exposes org admin credentials. ~lol
Tangent: Should they still be called developers?
I would've thought we'd have moved on to more appropriate names by now. Like clawnker whisperer, coin feeder, or something along those lines.
Changing the name is kinda whack, but it depends on the situation.
Gemini lets you pay after use? Every model marketplace I've seen demands I have to pay them upfront for all usage.