Surprise AI bills leave AWS and Google Cloud users aghast
Stuck with an AI bill for tens of thousands of dollars? You're not alone by a long shot
Brandon Vigliarolo
Published Mon 18 May 2026 // 00:00 UTC
KETTLE Hopefully you haven't had reason to notice yet, but there's a rising problem with AI services on Google Cloud, AWS, and other platforms sticking their customers with bills in the tens of thousands of dollars.
This week's episode of the Kettle focuses on two such stories that The Register published this week, one concerning Google and another involving AWS. In both cases, cloud customers using AI incurred massive bills without any prior notification from their provider and not a lot of help to resolve the matter with any sense of urgency.
Tune in to this week's episode to hear host Brandon Vigliarolo chat with O'Ryan Johnson and Richard Speed about their stories, what's causing these massive bills, and how you can avoid a similar situation at your own organization.
You can listen to The Kettle here, as well as on Spotify and Apple Music, or read the transcript of the latest episode below. It's been lightly edited for clarity.
Brandon (00:01)
Hello everyone and welcome back to another episode of The Register's Kettle podcast. I'm Reg reporter Brandon Vigliarolo, and this week I'm joined by my colleagues Richard Speed and Kettle newcomer O'Ryan Johnson to talk about a recent spike in cloud AI API abuse that's sticking customers with some massive charges. We're talking tens of thousands of dollars that Google is seeming to... try hard not to refund. Guys, thanks for coming on.
O'Ryan Johnson (00:29)
Great to be here.
Brandon (00:30)
And O'Ryan, welcome again to your first Kettle episode. Glad to have you here. So in this case, this one is primarily based on an exclusive you published this week about compromised Google Cloud API keys. And from what I read, it seems like cyber criminals are using those keys to run all the AI inference they want on the most expensive models that Google has without paying a dime. So walk me through what exactly this story's about.
O'Ryan Johnson (00:33)
So there were a couple parts of this. One is the API abuse. But then there was this policy by Google that kind of threw gasoline on the fire. So if you're a developer and you've created an API key for your projects, if your project uses Maps, you'll create an API key. And for years, the advice from Google was put that API key on the front end of that, make it public so that when users are using your site, it links back to your project.
The problem was a couple years ago, they allowed those API keys, if they were configured correctly, to also access Gemini. And a lot of folks who were early adopters of AI went in and said, okay, I want to use Gemini with my project. And not really connecting the dots that their API key on the front end that was publicly available would now also allow anybody to inference Google's Gemini platform.
And it wasn't a big deal, I think, for a lot of years because I don't think the platform was really that amazing.
Brandon (02:01)
Yeah, because you said this is a three-year-old change, right?
O'Ryan Johnson (02:22)
But recently... Nano Banana and the Veo 3 models came out. And that's when I think we started to see a lot of this. This great security company named Truffle wrote something about this in February saying, look, be careful because if you've put your API key out according to Google's instructions, and if you've also been working with Gemini models, there's a chance that you may have inadvertently opened up your API key to anybody to be able to inference [Veo] and Nano Banana to their heart's content.
Brandon (02:40)
And specifically a Maps API key, right? Okay,
O'Ryan Johnson (02:51)
Correct. Which, again, Google had told everybody for quite a while was safe. And so, what happened kind of inevitably is folks, bad actors, were in fact using that for those purposes. So you'd have these, you know, sort of like horror stories of waking up in the morning and seeing your Google account, which maybe you never spent more than fifty dollars a month, all of a sudden you have a $3,000 bill, $5,000 bill. I talked to a guy who got a notification from his credit card company that "Hey, we're basically, we're shutting off your account because you spent too much," and he's like "What the hell is going on?" And as he's in there trying to figure it out he sees the bill keeps going up...
Brandon (03:26)
...I think you mentioned basically that where this is, how you figure this out, is kind of buried, right? It's hard to find, right? So as he's looking, trying to frantically figure out what's happening, more charges are being added. I couldn't imagine waking up in the morning to that kind of scenario.
O'Ryan Johnson (03:36)
It's a rough,...