Massive Usage Today? Is it a fraud situation?

https://help.openai.com/en/articles/7242626-how-can-i-report-fraud-or-suspicious-activity

So weird, we are facing the exact same issue. Never switched on GPT4 Turbo or GPT4 and getting massive bills! We revoked all keys and triple checked for leakage, but we had best practices in place. And it still continues to bill!! The problem started on Nov 13 after the latest release of GPT4, so I suspect something is off.

Don’t put API keys in your app. They will be stolen and abused.

You need a backend server with client authentication. Clients must only communicate with you, not OpenAI.

3 Likes

Did you place the key inside the app? Like hard coded into the app?

Something tells me that you’ve put your API key directly inside the app code, didn’t you?

1 Like

I have the same kind of issue. I use the API in private apps on hugging face only. the consumption surged on models I never used.

The chatbot to report fraud in the billing section does not exist anymore.

Any ideas ?

“I have the same kind of issue. I use the API in private apps on hugging face only. the consumption surged on models I never used.”

define private apps and use on hugging face. did you write the app? or this something you got from somewhere else? if you dont know the app dont use the api unless its a trusted source. never hard code your api keys into your apps. use best practices.

more info required to narrow it down. what is api saying for models used vs what you expected.

This isn’t the first report that seems to indicate a Huggingface token storage breach.

And here is the explanation. I have just received an email from hugging face:

Earlier this week our team detected unauthorized access to our Spaces platform, specifically related to Spaces secrets. As a consequence, we have suspicions that a subset of Spaces’ secrets could have been accessed without authorization.

etc…
You have the idea

2 Likes