TL;DR
I hardcoded my OpenAI API key in a "private" repository that I later made public. Within 12 hours, someone found it and ran thousands of API calls. I woke up to a $2,147 bill. OpenAI doesn't refund abuse charges. Lesson learned: API keys are never "temporary" and repos don't stay private forever.
The Setup
I was building a side project with GPT-4. Nothing fancy, just a tool to help summarize documents. I created a private GitHub repo and, because it was "just for me," I hardcoded the API key directly in the code.
"It's a private repo. No one will ever see this. I'll fix it later when I'm ready to share."
Two months later, I wanted to share the project with a friend. Without thinking, I clicked "Change visibility" to public. The repo with my OpenAI key was now visible to the entire internet.
The Morning After
I woke up to an email from OpenAI: "Your usage this month has exceeded your billing threshold."
I logged into the OpenAI dashboard and nearly dropped my phone.
My usual monthly spend was about $15. This was more than I'd spent in the entire previous year.
What the Attackers Did
Looking at the usage logs, I could see the pattern:
- 4,200+ API calls to GPT-4
- Requests from multiple IPs around the world
- Long, context-heavy prompts (maximizing token usage)
- Running continuously for about 11 hours before I noticed
The attackers weren't doing anything sophisticated with the API. They were just running up charges, probably to use the API for their own projects without paying.
Why OpenAI keys are attractive: GPT-4 is expensive. At the time, it cost about $0.03 per 1K tokens for input and $0.06 for output. Someone running heavy workloads could easily spend hundreds or thousands of dollars per day.
Trying to Get a Refund
I immediately contacted OpenAI support, hoping they'd understand this was unauthorized usage. Their response was sympathetic but firm:
"We understand this is frustrating, but we're unable to provide refunds for API usage charges, even in cases where API keys may have been compromised. We recommend implementing usage limits and monitoring to prevent future issues."
Unlike AWS or Stripe, which sometimes credit back fraudulent charges, OpenAI's policy is that you're responsible for all usage on your keys. Period.
Why I Didn't Set Limits
OpenAI has a feature to set monthly spending limits. I knew about it. I just... didn't set it up.
My reasoning at the time:
- "I'm just testing, usage will be low"
- "I'll set limits when the project is more mature"
- "The key is in a private repo anyway"
Every one of those assumptions was wrong.
How Fast Attackers Find Keys
I made the repo public around 10 PM. The first unauthorized API call happened at 10:23 PM. That's 23 minutes.
Bots constantly scan GitHub for patterns that look like API keys. OpenAI keys start with "sk-" which makes them easy to identify. The moment your repo goes public, these bots find it.
Reality check: There's no such thing as "I'll just leave this key here temporarily." The moment it's in version control, it's at risk. Even private repos can be made public accidentally, cloned to other systems, or accessed through compromised credentials.
What I Changed
Immediate Actions
- Revoked the compromised key immediately
- Set a hard spending limit on my new key ($50/month)
- Enabled usage alerts at $10, $25, and $40
- Removed the key from git history using BFG Repo-Cleaner
Long-term Changes
- Environment variables only: API keys never go in code, even for "quick tests"
- Pre-commit hooks: Scan for API key patterns before every commit
- Per-project keys: Each project gets its own key so I can revoke one without affecting others
- Regular audits: Monthly review of all active API keys and their permissions
The $2,147 Lesson
This was an expensive education. But it fundamentally changed my habits:
- I never hardcode API keys, even in "throwaway" code
- Every API service I use has spending limits configured
- I assume every repo might become public someday
- I treat API keys like passwords, not like configuration
The money hurt. But the real cost would have been learning this lesson with a key that could access customer data or financial systems.
Will OpenAI refund charges from stolen keys?
No. OpenAI's policy is that account holders are responsible for all API usage on their keys, regardless of whether it was authorized. This is why setting spending limits is critical.
How do I set spending limits on OpenAI?
Go to your OpenAI account settings, then "Billing", then "Usage limits". You can set a hard limit (API calls stop when reached) and a soft limit (sends a notification). Set both.
How quickly are exposed keys found?
Studies show API keys exposed on GitHub are typically discovered within minutes to hours. Automated bots scan public repositories constantly for known API key patterns.
Is it safe to store keys in private repositories?
Private repos are safer but not foolproof. They can be accidentally made public, cloned to other systems, or accessed if your GitHub account is compromised. Use environment variables and secret management tools instead.