DeepSeek AI Exposes Over a Million Chat Logs and Sensitive Data on the Internet

Chinese AI company DeepSeek faced a serious security issue when researchers at Wiz uncovered a publicly accessible database linked to the company, exposing over a million log entries, backend details, software keys, and more. The discovery came during a routine security assessment by Wiz, which found that DeepSeek had an unprotected ClickHouse database, open to anyone with internet access. The database was not only visible but also allowed full control over stored data, making it a prime target for attackers seeking critical information.

The exposed database was associated with multiple subdomains, such as dev.deepseek.com:9000 and oauth2callback.deepseek.com:9000. ClickHouse, an open-source columnar database management system, is utilized for processing analytical queries on large datasets efficiently. The lack of authentication in the database allowed Wiz researchers to query the system freely, revealing a plethora of logs containing API keys, chat histories, backend service details, and system operational metadata.
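Defenders running their own ClickHouse can check offline for the combination described above: a server listening on all interfaces with a user that has no password and no network restriction. The following is an added example, not code from Wiz or DeepSeek; the sample configuration is constructed, and the audit assumes password-based credentials only.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample configs (not DeepSeek's): server config and users config.
SAMPLE_CONFIG = """<clickhouse>
  <listen_host>::</listen_host>
  <tcp_port>9000</tcp_port>
</clickhouse>"""

SAMPLE_USERS = """<clickhouse>
  <users>
    <default>
      <password></password>
      <networks><ip>::/0</ip></networks>
    </default>
    <ingest>
      <password_sha256_hex>CONSTRUCTED_PLACEHOLDER</password_sha256_hex>
      <networks><ip>10.0.0.0/8</ip></networks>
    </ingest>
  </users>
</clickhouse>"""

# Assumption: only password-based credentials are checked (not LDAP, Kerberos, certs).
CRED_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")

def is_public(net):
    """True if the CIDR covers every address (::/0 or 0.0.0.0/0)."""
    return ipaddress.ip_network(net.strip(), strict=False).prefixlen == 0

def audit(config_xml, users_xml):
    """Return findings for wildcard listeners and users without a password."""
    findings = []
    cfg = ET.fromstring(config_xml)
    hosts = [h.text.strip() for h in cfg.findall("listen_host") if h.text]
    wildcard = [h for h in hosts if h in ("::", "0.0.0.0")]
    if wildcard:
        findings.append(f"server listens on all interfaces: {wildcard}")
    for user in ET.fromstring(users_xml).find("users"):
        has_cred = any((user.findtext(t) or "").strip() for t in CRED_TAGS)
        nets = [n.text for n in user.findall("networks/ip") if n.text]
        open_net = any(is_public(n) for n in nets)
        if not has_cred and open_net:
            findings.append(f"user '{user.tag}': no password, allowed from any address")
        elif not has_cred:
            findings.append(f"user '{user.tag}': no password set")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG, SAMPLE_USERS)))
```
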

This security lapse was not a minor misconfiguration but a significant oversight that exposed detailed logs of internal system activity, giving insight into how DeepSeek’s AI tools operate and communicate. The exposure also enabled potential attackers to execute commands and extract sensitive data directly from the server. The repercussions of this breach could have been severe, considering the volume of information and the nature of the data stored in the exposed database.

DeepSeek’s AI services process large amounts of user-generated data, including chat logs that could contain personal or proprietary information. Additionally, the database stored API keys, which, if misused, could lead to impersonation of DeepSeek’s services or unauthorized access to internal systems. The security incident highlighted the importance of prioritizing security over development speed, especially in the AI industry where sensitive data is at risk of exposure.

Upon being notified by Wiz, DeepSeek promptly secured the database and removed public access. However, it remains uncertain whether any unauthorized parties had accessed the information before the security measures were implemented. This incident adds to the existing privacy and cybersecurity concerns surrounding DeepSeek, particularly due to its Chinese ownership and previous reports of cyberattacks hindering user registrations.

Gunter Ollmann, CTO of Cobalt, emphasized how common security lapses are in organizations that prioritize speed over security, particularly in innovative AI companies like DeepSeek. He stressed the importance of proactive security testing to mitigate risks, especially as attack surfaces expand with cloud-based infrastructure and publicly accessible APIs. Wiz’s discovery serves as a reminder of the critical need for robust cybersecurity measures in the fast-evolving AI landscape.
