OpenAI API token is stolen last Friday, and not showing in Log any api calls history at May 8 2026. big bug

Welcome to the forum!

If you think an API key was stolen, I’d treat this as a security issue first, not only a bug.

In this situation, I’d delete/rotate the affected API key immediately if you haven’t already, then check usage /logs by project/key and make sure spend limits are set.

OpenAI’s API key safety doc also says to rotate a key immediately if you believe it has been…

Read more →
Page 1