$82,000 in 48 Hours from stolen Gemini API Key vs. normal monthly Usage Of $180(old.reddit.com)
old.reddit.com
$82,000 in 48 Hours from stolen Gemini API Key vs. normal monthly Usage Of $180
https://old.reddit.com/r/googlecloud/comments/1reqtvi/82000_in_48_hours_from_stolen_gemini_api_key_my/
4 comments
Usage-based AI needs the same safety engineering as any “expensive actuator”: rate limits, quotas, and automatic shutdown thresholds. Otherwise a leaked key becomes an unbounded liability.
Discussion yesterday (85 points, 50 comments) https://news.ycombinator.com/item?id=47231469
From the link:
> For anyone wondering how this happened, a bit lower in the comments OP says that this key was UPLOADED TO GITHUB, I mean, that should really be the end of the thread. It sucks that this happened, sucks even more that you have a personal card on file, but the fact that Google is even saying ‘shared responsibility’ after you uploaded it to GH is crazy, it is your responsibility.
> For anyone wondering how this happened, a bit lower in the comments OP says that this key was UPLOADED TO GITHUB, I mean, that should really be the end of the thread. It sucks that this happened, sucks even more that you have a personal card on file, but the fact that Google is even saying ‘shared responsibility’ after you uploaded it to GH is crazy, it is your responsibility.
Answered by OP
> this guy is lying, we never uploaded the key to github, he must have missread a comment.
> this guy is lying, we never uploaded the key to github, he must have missread a comment.