There’s been plenty of examples where API keys were leaked due to poor API key management, such as the Algolia or Mailgun report.<p>There are also examples where user data was compromised due to bad authentication rules or logic of an API<p>However, I’m curious if an API developer / issuer ever has leaked their own customers’ API Keys while their APIs security is otherwise airtight, I.e. Stripe leaking Stripe API Keys.