
DeepSeek security breach exposes sensitive data, prompting global scrutiny

New York-based cybersecurity firm Wiz has uncovered a critical security lapse at DeepSeek, a rising Chinese AI startup. The lapse exposed a vast cache of sensitive data openly accessible online, raising serious concerns about data security in AI-driven platforms and prompting regulatory scrutiny from global authorities.

 

According to a report published by Wiz, the exposed data included more than a million lines of log entries, digital software keys, backend details, and user chat history from DeepSeek’s AI assistant. Researchers discovered that DeepSeek had inadvertently left two unsecured ClickHouse database instances online, allowing unrestricted access to internal logs and potentially compromising user interactions.

 

Wiz Research discovered the exposure during a security assessment of DeepSeek’s external infrastructure. The security firm found two publicly accessible database instances at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000 that allowed arbitrary SQL queries via a web interface without requiring authentication.

 

The databases contained a 'log_stream' table that stored sensitive internal logs dating from January 6, 2025, including user queries to DeepSeek’s chatbot in plaintext form, keys used by backend systems to authenticate API calls, internal infrastructure and services information, and various operational metadata.

 

Wiz Chief Technology Officer Ami Luttwak confirmed in a blog post that DeepSeek acted swiftly to secure the database after being alerted. “They took it down in less than an hour,” Luttwak stated. “But this was so simple to find; we believe we’re not the only ones who found it.”

 

Wiz researchers noted that, depending on DeepSeek’s ClickHouse configuration, attackers could have retrieved proprietary data, exfiltrated plaintext passwords, and accessed local files stored on DeepSeek’s servers using queries such as SELECT * FROM file('filename'). Wiz limited its exploration to enumeration to maintain ethical research constraints, leaving it unclear whether malicious actors had already exploited the misconfiguration before it was addressed.
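
The condition described above, a ClickHouse instance that listens publicly and accepts queries without authentication, can be checked for in an operator's own configuration files. The following is an added example, not code from Wiz, DeepSeek or this article; the sample configurations are constructed, and the check assumes users are defined in XML with password-based credentials only.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample configs (not DeepSeek's): a weak pair and a hardened pair.
WEAK_SERVER = "<clickhouse><listen_host>::</listen_host></clickhouse>"
WEAK_USERS = """<clickhouse><users><default>
  <password></password>
  <networks><ip>::/0</ip></networks>
</default></users></clickhouse>"""
HARDENED_SERVER = "<clickhouse><listen_host>127.0.0.1</listen_host></clickhouse>"
HARDENED_USERS = """<clickhouse><users><default>
  <password_sha256_hex>PLACEHOLDER_SHA256_HEX</password_sha256_hex>
  <networks><ip>10.0.0.0/8</ip></networks>
</default></users></clickhouse>"""

# Assumption: only password-based credentials are considered (no LDAP, Kerberos, certificates).
CREDENTIAL_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")

def audit(server_xml, users_xml):
    """Return findings for the 'public listener + no authentication' pattern."""
    findings = []
    server, users = ET.fromstring(server_xml), ET.fromstring(users_xml)
    for host in server.iter("listen_host"):
        try:
            # "::" or "0.0.0.0" binds every interface.
            if ipaddress.ip_address((host.text or "").strip()).is_unspecified:
                findings.append("server listens on all interfaces")
        except ValueError:
            pass  # hostname value; not evaluated in this sketch
    for user in users.findall("./users/*"):
        creds = [user.findtext(tag) for tag in CREDENTIAL_TAGS]
        no_auth = not any((c or "").strip() for c in creds)
        open_net = False
        for ip in user.iterfind("./networks/ip"):
            try:
                net = ipaddress.ip_network((ip.text or "").strip(), strict=False)
                open_net |= net.prefixlen == 0  # ::/0 or 0.0.0.0/0
            except ValueError:
                pass  # malformed entry; ignored here
        if no_auth and open_net:
            findings.append(f"user '{user.tag}': empty password, reachable from any address")
        elif no_auth:
            findings.append(f"user '{user.tag}': empty password")
    return findings

if __name__ == "__main__":
    for name, cfg in (("weak", (WEAK_SERVER, WEAK_USERS)), ("hardened", (HARDENED_SERVER, HARDENED_USERS))):
        print(name, audit(*cfg))
```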

 

The breach comes at a pivotal moment for DeepSeek, which has been gaining traction for its AI advancements, particularly its DeepSeek-R1 reasoning model. Marketed as a cost-effective alternative to leading U.S.-based AI solutions, DeepSeek’s rapid growth has heightened concerns about the security risks associated with AI deployment.

 

Compounding the issue, DeepSeek had recently announced that it had been targeted by persistent cyberattacks, which it appeared unable to thwart, forcing it to suspend new user registrations for nearly 24 hours. While DeepSeek has since secured the exposed databases, the incident underscores broader concerns about the company’s security stance, particularly in light of its obligations to comply with China’s data access policies.

 

The security lapse has also drawn the attention of regulators worldwide. In Washington, White House Press Secretary Karoline Leavitt confirmed that the U.S. National Security Council (NSC) is reviewing the implications of DeepSeek’s operations on national security. Meanwhile, Italy’s data protection authority, Garante, has demanded answers from DeepSeek regarding its data collection practices, legal basis, and whether personal data is stored in China. Ireland’s Data Protection Commission (DPC) has also investigated how the company processes the data of Irish citizens.

 

These regulatory actions reflect a broader trend of increasing scrutiny of Chinese AI firms, which have been rapidly expanding and, in some cases, challenging the dominance of U.S. AI companies. Earlier this week, DeepSeek surpassed OpenAI’s ChatGPT on Apple’s App Store in the U.S., further fueling concerns about its growing influence.



© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543