
Google Cloud customer wakes up to $18,000+ bill despite $7 budget, thanks to forgotten API key in published project — attacker put in 60,000+ requests and blasted through $1,400 spending cap


Australia-based AI consultant and founder of Agentic Labs Jesse Davies woke up to an unpleasant surprise earlier this month: a Google Cloud bill of $25,672.86 AUD (approximately $18,391.78 USD) — even though there was a budget of $10 AUD (approximately $7 USD) on his account. And it happened overnight.

According to Davies' account on LinkedIn, he was well-versed in Google AI Studio and had followed practices such as per-project API keys, separate billing accounts, two-factor authentication, and Cloud audit logging. However, it only took a single weak link to nullify those precautions, as evidenced by the shockingly large overnight bill. On top of that, Davies found nine Google Cloud safety features that should have prevented this incident — but that were turned off by default.

"The attacker didn't steal my key.…
