€54k spike in 13h after unrestricted Firebase browser key allegedly used to call Gemini APIs

April 16, 2026
Close-up of financial documents, calculator, and Polish Zloty currency on a desk.
Photo by Jakub Zerdzicki on Pexels

What happened

It has been reported that a small Firebase project blew up into a €54,000+ bill within roughly 13 hours after its owners enabled Firebase AI Logic. The project — reportedly used for Firebase Authentication for more than a year — added a tiny AI feature (a web snippet generator) and, soon after, saw a sudden surge of Gemini API calls. The traffic didn’t match real user activity and allegedly looked automated. The team says the surge stopped only after they disabled the API and rotated credentials.

Timeline and damage

Fast. Brutal. Overnight. Budget alerts were set to €80 and a cost-anomaly alert was in place, but both triggered with delays of a few hours. By the time the team reacted, costs were already around €28,000; delayed reporting pushed the final tally above €54,000. It has been reported that the access came via an unrestricted Firebase browser key calling Gemini endpoints — a key type historically treated as non-sensitive by many developers.

Aftermath and response

The developers worked with Google Cloud support, providing logs and analysis. It has been reported that Google classified the traffic as valid usage originating from the project and denied a billing adjustment. No refund. No rollback. Ouch. The episode has reignited industry debate around the old adage that “API keys aren’t secrets” — a posture that recent analysis, such as Truffle Security’s piece, argues is overdue for revision now that a leaked key can drive LLM billing directly.

Broader questions

Who’s responsible when a client-side key gets weaponized? What safeguards should be mandatory — stricter browser-key policies, realtime throttling, mandatory App Check, server-side proxies by default? The original Hacker News poster asked for escalation paths and additional protections beyond quotas and App Check. The community is watching closely. This isn’t just one unlucky bill; it’s a reminder that cloud-native AI can turn cheap experiments into existential hits in a single night.
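As an added illustration (not code from the original post, Firebase, or Google), here is the kind of in-process gate a server-side proxy can put in front of Gemini: the browser never holds the Gemini key, every request must carry an App Check token, and a per-client rate limit plus a hard spend cap refuse calls immediately instead of hours later like a billing alert. `GeminiGate` and `verifyAppCheck` are assumed names; the verifier is injected so the logic runs offline.

```javascript
// Added example: request gate for a server-side Gemini proxy (Node.js).
// The Gemini key lives only on this server (e.g. process.env.GEMINI_API_KEY)
// and is never shipped to the browser, unlike an unrestricted Firebase key.
class GeminiGate {
  constructor({ perClientPerMinute = 20, dailyBudgetEur = 50, verifyAppCheck }) {
    this.perClientPerMinute = perClientPerMinute;
    this.dailyBudgetEur = dailyBudgetEur;
    // verifyAppCheck(token) -> boolean. In production wrap firebase-admin's
    // getAppCheck().verifyToken() (async) here; a sync stub is assumed below.
    this.verifyAppCheck = verifyAppCheck;
    this.windows = new Map(); // clientId -> timestamps (ms) of recent calls
    this.spentEur = 0;        // running estimate of today's spend
  }

  // Decide before the upstream call; returns { allowed, reason }.
  authorize({ clientId, appCheckToken, estimatedCostEur, now = Date.now() }) {
    // 1. Reject anything that is not a genuine app instance.
    if (!this.verifyAppCheck(appCheckToken)) {
      return { allowed: false, reason: "app-check" };
    }
    // 2. Hard stop: refuse once the budget would be exceeded. This trips on
    //    the request that crosses the line, not hours later like an alert.
    if (this.spentEur + estimatedCostEur > this.dailyBudgetEur) {
      return { allowed: false, reason: "budget" };
    }
    // 3. Sliding one-minute window per client to blunt automated bursts.
    const recent = (this.windows.get(clientId) || []).filter(t => now - t < 60_000);
    if (recent.length >= this.perClientPerMinute) {
      this.windows.set(clientId, recent);
      return { allowed: false, reason: "rate" };
    }
    recent.push(now);
    this.windows.set(clientId, recent);
    // Charge the estimate now; reconcile with real token usage after the call.
    this.spentEur += estimatedCostEur;
    return { allowed: true, reason: "ok" };
  }
}
```

A denied request never reaches Gemini, so the worst case is bounded by `dailyBudgetEur` regardless of how fast the traffic arrives.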

Sources: ai.google.dev, Hacker News