This isn’t a Microsoft problem.
It’s not an https://t.co/wjoi0kcopv problem either.
It’s a problem when orgs accept the risk of submitting confidential data using API keys tied to free accounts – which by default create public submissions.
If you do that, you’re basically leaking your own data.