Gemini API key abuse before June 19 unrestricted-key changes caused $35K bill. Support case still open, need Google escalation
Posting again because I’m trying to reach someone from Google Cloud who can help escalate my billing/security review.
My normal Google Cloud usage was monthly $250 . On May 12 my Gemini usage spiked to about $35K+ in 3 hours. This was not normal usage.
Support has been silent since May 22 and now receiving Google Collections email.
This incident happened before Google’s June 19 changes around unrestricted Gemini API keys. Truffle research also discussed how older public Google API keys become usable against Gemini after the API was enabled.
My ask:
Can a Google Cloud representative please help route this to the right billing/security escalation team? I can provide my case number privately to a Google Cloud employee or mod.
I’m asking Google Cloud to review server-side logs for the May 12 incident window, including source IPs, user agents, request volume, model/token usage, and whether the pattern matches known API key abuse.
Has anyone here successfully gotten a Google Cloud billing/security escalation for Gemini API key abuse?