I have an active Cloud Support case for $6,982.53 in unauthorized Gemini API usage. The case has been in Billing/Finance review for 12 calendar days with one acknowledgment and no substantive response. A paid Cloud Support escalation a few days ago produced no operational commitments. Posting here because Google staff engagement on this forum has been the unlock for comparable cases (Rod Danan, Isuru Fonseka, Jesse Davies, and the in-progress gem-inc-2026 thread).
I’ll share the case ID and full forensic package by DM with any Google staff who engage.
What happened
- 2025-08-19: Google AI Studio auto-created a Gemini API key in a project under my identity. The key was issued with no application restriction, no API restriction, and no spend cap — AI Studio’s documented defaults at that date.
- 2025-08-19 through 2026-05-12: Key dormant. Zero billed usage.
- 2026-05-13/14: Unauthorized usage of approximately $6,982.53 against the Gemini endpoint. Detected at ~3:00 AM ET on 2026-05-14 by repeated bank-decline notifications and Google’s own AI Studio spend-cap auto-pause email.
- 2026-05-14, within ~2 hours of detection: Full containment. All API keys on the affected projects deleted, billing unlinked from the source project (billingEnabled: false confirmed via gcloud), aiplatform.googleapis.com disabled on all projects that did not actively need it, generativelanguage.googleapis.com disabled wherever it was enabled, remaining unrestricted keys on the billing account restricted to bigquery.googleapis.com only, dormant projects shut down, hard budget caps with auto-disable configured, Data Access audit logs enabled for aiplatform.googleapis.com (the supported endpoint).
- 2026-05-14 09:33 ET: Cloud Support agent acknowledged the case is with Billing/Finance review.
- 2026-05-14 through today (2026-05-26): No substantive response from Billing/Finance. 12 calendar days of silence.
What’s verifiable on Google’s side
- Admin audit logs on the source project across the full 90-day retention window show zero unauthorized console activity. Only entry is my own DisableResourceBilling call from the night of the incident. Consistent with direct-API-key abuse, not account compromise.
- IAM on the source project has only two human members, both with 2FA. Neither shows recent sign-in activity.
- Both cards on file declined the original charge automatically. No funds have moved.
- On 2026-05-21 ~18:00 ET, Google retried collection against both cards despite a written standstill request I had sent the previous day on the case thread. Both declined again. Bank-issuer push notifications captured the timestamps.
Two Google-side platform gaps that defined this incident
1. AI Studio default-key issuance. The key Google AI Studio auto-created for me on 2025-08-19 had no restrictions and no spend cap. This matches the Tier 1 security bug documented in Truffle Security’s 2026-02-19 disclosure — AIza-prefix keys were officially documented for over a decade as safe to embed in client-side code, then retroactively granted Gemini API authentication without notification or consent. Google has publicly acknowledged this and is discontinuing unrestricted-traffic keys on 2026-06-19. The key in this incident was created well inside that window of Google-acknowledged insecure defaults.
2. Cloud Audit Log coverage gap on generativelanguage.googleapis.com. The exact endpoint used in this abuse is not covered by Cloud Audit Logs Data Access logging. This is verifiable from Google’s own audit-log services list, which covers aiplatform.googleapis.com, cloudaicompanion.googleapis.com, and geminicloudassist.googleapis.com but conspicuously omits generativelanguage.googleapis.com. Practical consequence: I had no native Google-side mechanism to detect, log, or investigate direct-API-key abuse on this endpoint before Google’s own billing-side alert triggered.
What I have already tried through support
- 2026-05-14: Three replies on the case over the day of the incident with the forensic write-up.
- 2026-05-20: Formal Billing/Finance escalation reply requesting manager review + goodwill adjustment + written collection-attempt standstill on the declined cards.
- 2026-05-21 evening: Second escalation reply citing the May 21 collection retry as a direct violation of the May 20 standstill request.
- 2026-05-23: Paid Cloud Support escalation. Live chat with a front-line agent who declined four explicit supervisor-transfer requests before eventually escalating to a Google Meet with a supervisor. The supervisor on the call acknowledged the case is reviewing “options regarding adjustment or waiving of the balance” and committed to flagging it as “high priority” — but provided no named reviewer, no committed decision date, and no billing-pipeline standstill on the cards.
- 2026-05-23 night: Written follow-up sent on the case requesting written confirmation of what was said verbally on the Meet. Deadline: today, 2026-05-26 COB. No written response so far.
What I’m asking for
Goodwill adjustment of the $6,982.53 unauthorized usage balance, consistent with how Google has resolved comparable AI Studio default-key abuse cases over the past 90 days:
- The Register, 2026-05-13: pattern documented
- The Register, 2026-05-15: Rod Danan ($10,138) and Isuru Fonseka (AUD $17,000) refunded after the prior coverage
- Jesse Davies (Agentic Labs): AUD $25,672 waived
- gem-inc-2026 ~$6,000 case: in active goodwill review on this forum
I am not asking for anything outside the pattern Google has already established for this category of incident.
Standing requests
- A named reviewer and a committed decision date on the case
- A written billing-pipeline standstill on the cards on file while the case is open, so that a future card-state change does not resolve the dispute against me before review concludes
- Goodwill adjustment of the $6,982.53 balance
Forensic package, audit-log exports, correspondence trail, and bank-issuer screenshots from the 2026-05-21 retry event are all assembled. Happy to share these and the case ID via DM with any Google staff who engage.
Thank you.
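One of the containment steps above was restricting every remaining unrestricted key on the billing account to bigquery.googleapis.com only. The script below is an added example (editor's code, not the poster's and not Google's) of how to find such keys before an incident: it reads the JSON that gcloud services api-keys list --format=json emits, flags keys that have no application restriction, no API restriction, or an API restriction that still permits a billable generative AI endpoint, and builds the gcloud call that pins each risky key to a single API. The sample input is constructed, the object shape is assumed to follow the public API Keys v2 Key resource (name, displayName, createTime, deleteTime, restrictions), and the --api-target flag is my reading of gcloud services api-keys update; confirm both against the live tooling before relying on them.

```python
"""Audit Google Cloud API keys for missing application/API restrictions.
Input: output of `gcloud services api-keys list --project=... --format=json`.
Assumption: objects follow the public API Keys v2 `Key` resource."""
from __future__ import annotations

import json
from dataclasses import dataclass, field

# Constructed sample input (no real keys; `list` never returns key strings).
SAMPLE_KEYS_JSON = json.dumps([
    {   # AI Studio style key: no restrictions block at all
        "name": "projects/123456789012/locations/global/keys/aaaa-1111",
        "displayName": "Generative Language API Key",
        "createTime": "2025-08-19T14:02:11Z",
        "uid": "aaaa-1111",
    },
    {   # API-restricted to Gemini, but usable from any origin or IP
        "name": "projects/123456789012/locations/global/keys/bbbb-2222",
        "displayName": "gemini-web",
        "createTime": "2026-01-05T09:00:00Z",
        "uid": "bbbb-2222",
        "restrictions": {"apiTargets": [{"service": "generativelanguage.googleapis.com"}]},
    },
    {   # pinned to one IP and one API: the post-incident target state
        "name": "projects/123456789012/locations/global/keys/cccc-3333",
        "displayName": "bq-server-key",
        "createTime": "2024-06-10T12:00:00Z",
        "uid": "cccc-3333",
        "restrictions": {
            "serverKeyRestrictions": {"allowedIps": ["203.0.113.10"]},
            "apiTargets": [{"service": "bigquery.googleapis.com"}],
        },
    },
    {   # soft-deleted key; skip it
        "name": "projects/123456789012/locations/global/keys/dddd-4444",
        "displayName": "old",
        "createTime": "2023-01-01T00:00:00Z",
        "deleteTime": "2026-05-14T07:10:00Z",
        "uid": "dddd-4444",
    },
])

APP_RESTRICTION_FIELDS = ("browserKeyRestrictions", "serverKeyRestrictions",
                          "androidKeyRestrictions", "iosKeyRestrictions")
# APIs a leaked key can run up a bill against on its own
BILLABLE_GENAI = {"generativelanguage.googleapis.com", "aiplatform.googleapis.com"}


@dataclass
class KeyFinding:
    name: str
    display_name: str
    create_time: str
    has_app_restriction: bool
    allowed_services: list[str]          # empty means every API enabled in the project
    problems: list[str] = field(default_factory=list)

    @property
    def key_id(self) -> str:
        return self.name.rsplit("/", 1)[-1]

    @property
    def project(self) -> str:           # "projects/<number>/locations/..."
        return self.name.split("/")[1]


def audit_keys(keys_json: str) -> list[KeyFinding]:
    """One finding per live key; `problems` stays empty for keys that are fine."""
    out: list[KeyFinding] = []
    for key in json.loads(keys_json):
        if key.get("deleteTime"):
            continue
        restrictions = key.get("restrictions") or {}
        services = [t["service"] for t in restrictions.get("apiTargets", []) if "service" in t]
        f = KeyFinding(
            name=key["name"],
            display_name=key.get("displayName", ""),
            create_time=key.get("createTime", ""),
            has_app_restriction=any(k in restrictions for k in APP_RESTRICTION_FIELDS),
            allowed_services=services,
        )
        if not f.has_app_restriction:
            f.problems.append("no application restriction: usable from any IP, referrer or app")
        if not services:
            f.problems.append("no API restriction: can call every API enabled in the project")
        elif BILLABLE_GENAI & set(services):
            f.problems.append("can spend against " + ", ".join(sorted(BILLABLE_GENAI & set(services))))
        out.append(f)
    return out


def risky_keys(findings: list[KeyFinding]) -> list[KeyFinding]:
    return [f for f in findings if f.problems]


def restrict_command(f: KeyFinding, service: str = "bigquery.googleapis.com") -> str:
    """gcloud call that sets an API restriction on the key. The --api-target flag
    name is an assumption about `gcloud services api-keys update`; check --help."""
    return (f"gcloud services api-keys update {f.key_id} --project={f.project} "
            f"--api-target=service={service}")


if __name__ == "__main__":
    for f in risky_keys(audit_keys(SAMPLE_KEYS_JSON)):
        print(f"{f.key_id} ({f.display_name!r}, created {f.create_time})")
        for p in f.problems:
            print("   -", p)
        print("   fix:", restrict_command(f))
```

Run it against a real export with `gcloud services api-keys list --project=PROJECT --format=json > keys.json` and feed the file contents to audit_keys; iterate over every project on the billing account, because the dormant key in the post sat in a project nobody was watching. Note that the list output carries no last-used timestamp, so age of the key is the only dormancy signal available here.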