Two developers who saw their Google Cloud bills explode after hackers used their accounts to call Gemini models have had those charges erased. Isuru Fonseka, a developer in Australia, told The Register his bill jumped to $17,000 in minutes after a hacker took over his account. Google automatically upgraded his $250 spending tier, letting the attacker rack up charges. Fonseka’s case isn’t unique, but it’s one of the few where Google has reversed the fees so far.

How the fraud worked

Automatic spending limit increases are Google’s default for Cloud customers. Hackers exploited this feature to run unauthorized API calls to Gemini, driving up costs fast. Fonseka said he never authorized the charges. “It felt like they were just giving me the runaround until your article,” he told The Register. “I just hope they fix it properly for everyone.”

Other developers have reported similar issues. A U.S.-based engineer who asked not to be named said his bill spiked to $5,000 after someone used his account for Gemini API calls. He got a partial refund but still faces uncertainty. Google’s response has been inconsistent—some victims get full refunds, others only partial, and many get nothing.

Why Google’s fix isn’t enough

Google confirmed it’s refunding affected users but hasn’t changed the auto-upgrade policy. The company says the feature helps customers scale up quickly, but it also leaves accounts vulnerable. Hackers only need access to an account to trigger the upgrade. Once they do, costs can spiral before anyone notices.

Fonseka and others want Google to stop auto-increasing limits by default. Right now, users have to manually set caps or opt out entirely. That’s a hassle, especially for small teams or solo developers who rely on Cloud for projects. “They need to stop doing this automatically,” Fonseka said. “It’s not fair to expect users to catch fraud after the damage is done.”

What’s next for Google Cloud users?

Google hasn’t said when—or if—it will change the auto-upgrade policy. In the meantime, users are left to monitor their accounts closely or risk surprise bills. The company did not respond to questions about how many customers were affected by this issue or how much money was lost in total.

For developers, the lesson is clear: check your Google Cloud spending limits today. Turn off auto-upgrades if you don’t need them, and set alerts for unusual activity. It’s not just about fraud—sudden traffic spikes can also drain accounts fast. Until Google changes its approach, users are the ones paying the price.

What You Need to Know

  • Source: The Register
  • Published: May 15, 2026 at 21:26 UTC


All reporting rights belong to the respective author(s) at The Register. GlobalBR News summarizes publicly available content to help readers discover the most relevant global news.


Curated by GlobalBR News · May 15, 2026



🇧🇷 Portuguese Summary

Google refunds developers hit by Gemini API fraud after news report

Google announced that it will reimburse developers harmed by fraudulent charges on its language-model APIs, such as Gemini, after a report by The Register exposed the problem. The practice, which had been draining funds from accounts without authorization, mainly affected small businesses and users who depend on AI services for applications and automations, causing financial losses and distrust of the platform.

In Brazil, where the use of AI APIs is growing among startups and independent developers, the news reinforces the importance of stricter security mechanisms. Although the refund is a relief, experts warn that the practice of automatically raising spending limits, which the giant still maintains, remains open to abuse and calls for greater transparency and control on the user's side. Google's decision may be a first step, but pressure for definitive solutions is likely to grow.

Meanwhile, Brazilian developers await concrete action to prevent new episodes, which have already left their mark on an expanding technology ecosystem.


🇪🇸 Spanish Summary

Google has backed down on its billing policy and refunded developers who suffered fraudulent charges on the APIs for its Gemini models, a decision that follows the publication of a report in The Register. The company, however, is keeping its system of automatic spending-limit increases, a practice that continues to leave users exposed to possible abuse.

The case reflects the vulnerability of automated billing systems in complex technology environments, where errors or misappropriation can go unnoticed until they cause financial damage. For Spanish-speaking developers, especially in Latin America, where access to AI resources is limited and costly, incidents of this kind underscore the need to review invoices thoroughly and demand transparency from platforms. While Google promises more controls, the controversy highlights the risks of delegating financial decisions to algorithms without constant human oversight.