It surprises me that people are willing to grant access to third parties to use their API keys. I think the Binance hack illustrates why one should be careful when granting this kind of access to third parties as it can be easily misused.