Looking for advice on a situation we’re dealing with.
We had an API key created in August 2021 with no apiTargets restrictions (the GCP default at the time). Recently, that key was compromised and used to rack up fraudulent charges on Gemini 2.5 Pro, Gemini 3 Pro, and image generation APIs – none of which existed when the key was created, and none of which we ever use.
Our technical evidence is solid: 100% of the fraudulent calls came from us-south1 (Dallas), we have zero infrastructure there, the billed models don’t appear anywhere in our codebase, and all charges stopped within 13 minutes of deleting the key.
The question I’m struggling with: when a GCP API key is created with empty apiTargets, does it silently gain access to every API Google launches in the future – including ones that did not exist when the key was created? That seems to be what happened, and it means customers can be billed for APIs they never opted into, never enabled, and never used.
Has anyone dealt with a similar situation? What is the right escalation path for fraudulent charges where the evidence clearly shows an external actor?
Yes! When you create an API key and don’t assign restrictions, unfortunately it has access to all APIs that you enabled, and it’s not related to the date that your API key was created.
I’d suggest reaching out to support, if you haven’t created a support ticket. AWS Support mostly refunds in these types of problems, but I’m not sure about Google Cloud.
For anyone following this thread, here is where things stand.
After two Tier 1 template denials (shared responsibility, no engagement with evidence), the case was escalated to a specialized fraud/billing team.
On March 30, that team wrote:
"Our internal team has detected that an API key associated with your project has been leaked and there is a high probability that this key was used for unauthorized activity."
Two days later, on April 1, a billing denial was issued stating the charges are valid — with no reference to the March 30 findings.
A billing escalation manager (Demmie) subsequently conducted a secondary review and issued a third denial on April 7, again citing the Shared Responsibility Model without addressing:
The March 30 / April 1 internal contradiction
The fact that the key was created in 2021 — before Gemini existed — and we never opted in to Gemini billing
Geographic proof: 100% of fraudulent calls from us-south1 (Dallas TX), zero infrastructure there, verifiable from Google’s own logs
We have been referred to our Financial Services Representative (FSR) for further discussion. A BBB complaint (#24669017) remains open. The case has not been resolved.
Three core questions still unanswered after 19 days:
How does confirmed unauthorized external activity (Google’s own words) produce charges the customer is responsible for?
How does the Shared Responsibility Model apply to a service the customer never opted into?
Why has the geographic evidence never been addressed by anyone at Google?