Suspended Project with Suspected API Key Abuse – Need Access to Detailed Gemini API Logs

Jiaming_Pang · March 24, 2026, 8:39pm

We are investigating a significant and unexpected spike in API usage associated with our Google Cloud project:

The project has been suspended due to suspected abusive activity consistent with potential API key compromise or hijacking. During the impacted period (March 21–23, 2026), we observed a substantial increase in usage and charges, primarily driven by:

Gemini API (image generation – high token output)
Places API (new usage observed)

At this time, we are attempting to perform a deep-dive investigation to determine:

The origin of the API calls (source IPs, regions)
Request metadata (headers, user agents, authentication method)
Whether the activity was authenticated vs unauthenticated
Any indicators of API key misuse or external abuse

Topic		Replies	Views
Unexpected Gemini API Billing Spike Gemini API billing	2	207	January 8, 2026
Unexpected Gemini API usage — How to trace calls (IP address)? New API key used without ever being deployed Gemini API api , api-key	2	219	December 24, 2025
Incurred unexpected spike in charges for Gemini API services Gemini API api	1	262	August 22, 2025
URGENT: Huge cost increase of Gemini API Gemini API bug , models , gemini-api , gemini-25	21	1547	April 12, 2026
[Urgent] Gemini API Billing Issue: Unexpected Charges for Unused Models (Tier 1) Gemini API billing	3	245	March 28, 2026

Suspended Project with Suspected API Key Abuse – Need Access to Detailed Gemini API Logs

Related topics