Comment by treflop
What if you implemented the APIs but
- someone else proxied your API to the public
- someone else leaked credentials you assigned them in the public code of a game
As someone working on a team that publishes APIs to the greater large organization, you can't trust other people. People be doing wild things.
I would hope that my employer had a postmortem culture that encouraged looking into every point of failure and identifying process changes that will prevent a repeat of the incident. Instead of pointing the finger at Team X who messed up and/or just "blaming hackers" and continuing on with your defective processes.