Gemini runs but API keys leaked

Google’s Gemini chatbot was reported to be operating without major outages, but security researchers flagged Android apps that hardcoded Gemini API keys, creating risks of unauthorised use, data exposure and unexpected billing. For builders who stitch third-party speech or generation services into tutoring apps, the episode is a reminder that secrets management and rate limits are material safety and cost concerns. (ibtimes.com.au, punemirror.com)

An application programming interface key is a password-shaped string that tells a service which developer account should be charged for a request. Google’s own Gemini documentation says every Gemini request includes that key, and Google’s cloud security guide says exposed keys can lead to unauthorized access and unexpected charges. (ai.google.dev, cloud.google.com)

On Saturday, April 11, 2026, Gemini itself appeared to be working normally. International Business Times Australia said no major outage was showing on official status pages or major monitoring sites, and IsDown also listed Gemini as “working normally” after checking service health that morning. (ibtimes.com.au, isdown.app)

The problem was not Gemini going offline. The problem was developers putting Gemini-capable keys inside Android apps, where anyone can pull the app apart like a zipped folder and read the secret inside. (securityweek.com, cloud.google.com) Pune Mirror, citing CloudSEK’s BeVigil scanner, said researchers checked the 10,000 most-installed Android apps and found 32 live Google API keys in 22 apps. Those 22 apps were said to have a combined install base above 500 million devices. (punemirror.com)

The twist is that many Google API keys were once treated like low-risk identifiers for basic mobile features. CloudSEK and SecurityWeek said that once the Generative Language application programming interface was enabled, the same exposed key could authenticate to Gemini endpoints and start making billable artificial intelligence calls. (punemirror.com, securityweek.com) That turns a copied key into three separate problems at once. An attacker can run up usage on the developer’s account, probe connected files or cached context, and use the app’s own integration as a doorway into features the developer thought were private. (punemirror.com, oecd.ai)

Google’s Gemini key guide says hardcoding a key in code can be acceptable only for initial testing and “should only be temporary since it’s not secure.” The same guide points developers to environment variables and project-level key management instead of leaving the secret in client-side code. (ai.google.dev) Google’s cloud documentation adds a second lock after key storage: restrictions. Google says developers should limit each key to specific application programming interfaces and usage patterns, because a restricted key does less damage if someone steals it. (cloud.google.com) That matters most in apps that chain together speech, tutoring, image, and text tools behind one button tap. A single exposed key in that kind of app is less like losing one house key and more like losing a badge that opens the lobby, the elevator, and the billing office. (developers.google.com, cloud.google.com)

So the April 11 story had two opposite signals at once. Gemini the chatbot was up, but the way some apps were wired into Gemini showed that uptime is only half the job when one leaked key can quietly turn a working feature into a data and billing incident. (ibtimes.com.au, punemirror.com, cloud.google.com)
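The two fixes the article points to, finding keys that were baked into a client build and reading the key from the environment on a server instead, are simple enough to show in a short script. The example below is added here and is not from the article, from CloudSEK, or from Google. It assumes the widely used shape of Google API keys (the prefix `AIza` followed by 35 URL-safe characters, the pattern most open-source secret scanners match on), the environment variable name `GEMINI_API_KEY` from the Gemini quickstart, and a constructed set of file contents standing in for what an unpacked Android build exposes; the key values in it are made up and are not real credentials.

```python
import os
import re

# Google API keys share a recognisable shape: the prefix "AIza" followed by
# 35 URL-safe characters (39 characters in total). This is the pattern most
# secret scanners use; treating it as authoritative is an assumption here.
GOOGLE_API_KEY_RE = re.compile(r"\bAIza[0-9A-Za-z_\-]{35}\b")

# Constructed sample of what an unpacked Android build typically exposes:
# a string-resources XML file and the generated BuildConfig class. Every
# key value below is made up for this example and is not a real credential.
SAMPLE_FILES = {
    "res/values/strings.xml": (
        '<string name="app_name">TutorBot</string>\n'
        '<string name="gemini_key">AIzaSyEXAMPLE_NOT_REAL_0123456789abcdef</string>\n'
    ),
    "com/example/tutor/BuildConfig.java": (
        "public final class BuildConfig {\n"
        '  public static final String SPEECH_KEY = "AIzaSyANOTHER_FAKE_KEY_9876543210zyxwvu";\n'
        '  public static final String VERSION_NAME = "1.4.2";\n'
        "}\n"
    ),
    "com/example/tutor/Notes.java": (
        '// "AIzaNotAKey" is too short to match the key shape and is ignored\n'
    ),
}


def mask(key):
    """Keep only the prefix and last four characters so a findings report
    does not re-leak the secret it is warning about."""
    return key[:4] + "..." + key[-4:]


def find_hardcoded_keys(files):
    """Scan {path: content} for Google-shaped API keys.

    Returns a list of (path, line_number, masked_key) tuples, one per hit,
    in file order. Run this over the strings, BuildConfig and decompiled
    sources of your own build before it ships; anything it finds is readable
    by anyone who downloads the APK.
    """
    findings = []
    for path, content in files.items():
        for line_no, line in enumerate(content.splitlines(), start=1):
            for match in GOOGLE_API_KEY_RE.finditer(line):
                findings.append((path, line_no, mask(match.group(0))))
    return findings


def load_gemini_key(env=None):
    """Server-side pattern the Gemini key guide recommends instead of
    client-side hardcoding: read the key from an environment variable.

    Raises if the variable is missing or malformed so a misconfigured
    deployment fails loudly rather than silently falling back to a
    baked-in secret. `env` may be any mapping; defaults to os.environ.
    """
    env = os.environ if env is None else env
    key = env.get("GEMINI_API_KEY")
    if not key or not GOOGLE_API_KEY_RE.fullmatch(key):
        raise RuntimeError("GEMINI_API_KEY is missing or malformed; refusing to start")
    return key


if __name__ == "__main__":
    for path, line_no, masked in find_hardcoded_keys(SAMPLE_FILES):
        print(f"{path}:{line_no}: hardcoded Google API key {masked}")
    try:
        load_gemini_key({})
    except RuntimeError as exc:
        print(f"startup check: {exc}")
```

The scanner deliberately reports masked values only; the point is to fail a build or a release review, not to produce a list of working keys. Moving the key to a server process does not by itself limit the damage if it leaks there, so the API and usage restrictions the article mentions still belong on the key in the Google Cloud console.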


Shared from Scout - Be the smartest in the room.