Can attest, once racked up $10k AWS bill due to a silly mistake, got it nulled. That was a great lesson about how fast things can go wrong with pay-as-you-go pricing if not monitored.
It's embarrassing to write that now but I accidentally left private key for EC2 instance publicly available on GitHub. And I think what happened is that a bot scraped that key and used my resources to mine Bitcoin.
This seems quite common. I have heard several stories to this effect. Faulty firewall settings or keys committed to the repo seem to be the common two.
I wish people would stop saying people "always" have fees waived. It's absoloutely not true.
I had a personal project, where I wanted to occasionally do short but highly parallel jobs. Once my scripts didn't close everything down correctly and a week later I had spent £600. That's a lot of money to me personally. I asked politely and it was never refunded.
counter-experience: I worked for a 7 person company where the AWS admin accidentally spent $80k on some VMs to run a job over a long weekend, because mis-read the pricing by machine-hour, and it didn't warn him how much he was spending when he turned them on. Yes, he could have set up alerts, but people fuck up all the time. Our daily usage went from $300 to $27000 overnight. We spent over a year trying to convince AWS to forgive part of the bill. They did not. We went on a long term payment plan. It sucked a lot.
So we switched to Google Cloud, which has a better UI for telling you how much you're about to spend. As we grew, we ended up spending way more money on GCP than we ever did on AWS.
There may be a maximum threshold for this, though.