
Chinese AI startup DeepSeek has experienced a significant security incident involving the exposure of sensitive user data through two unsecured databases. The breach, discovered by Wiz Research, revealed over a million log entries containing confidential information.
Key Findings:
– Two exposed ClickHouse database instances were found at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000
– Databases were accessible without authentication and allowed arbitrary SQL queries
– Exposed data included user chat histories, API keys, backend system details, and operational metadata
– Log entries dated from January 6, 2025
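An added example, not part of the original report and not code from Wiz or DeepSeek: a configuration audit for the condition described in the findings above, a ClickHouse server that accepts connections without authentication. The sample XML is constructed; the element names follow ClickHouse's users.xml and config.xml conventions, and the check assumes password-based users only (LDAP, Kerberos and certificate authentication are not considered).

```python
import xml.etree.ElementTree as ET

# Constructed sample configs (not taken from any real deployment).
WEAK_USERS = """<clickhouse><users><default>
  <password></password>
  <networks><ip>::/0</ip></networks>
</default></users></clickhouse>"""

HARDENED_USERS = """<clickhouse><users><default>
  <password_sha256_hex>PLACEHOLDER_SHA256_HEX</password_sha256_hex>
  <networks><ip>10.0.0.0/8</ip></networks>
</default></users></clickhouse>"""

WEAK_SERVER = "<clickhouse><listen_host>::</listen_host><tcp_port>9000</tcp_port></clickhouse>"
HARDENED_SERVER = "<clickhouse><listen_host>127.0.0.1</listen_host><tcp_port>9000</tcp_port></clickhouse>"

CREDENTIAL_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")
OPEN_NETWORKS = {"::/0", "0.0.0.0/0"}
WILDCARD_LISTEN = {"::", "0.0.0.0"}


def audit(users_xml, server_xml):
    """Return a list of findings for a users.xml / config.xml pair."""
    findings = []
    users = ET.fromstring(users_xml).find("users")
    for user in (users if users is not None else []):
        # A user is passwordless when no credential element has non-empty text.
        has_secret = any((user.findtext(tag) or "").strip() for tag in CREDENTIAL_TAGS)
        if not has_secret:
            findings.append(f"user '{user.tag}': no password set")
        # Only an explicit allow-all network entry is flagged here.
        nets = {(ip.text or "").strip() for ip in user.findall("networks/ip")}
        if nets & OPEN_NETWORKS:
            findings.append(f"user '{user.tag}': reachable from any address")
    server = ET.fromstring(server_xml)
    hosts = {(h.text or "").strip() for h in server.findall("listen_host")}
    if hosts & WILDCARD_LISTEN:
        port = server.findtext("tcp_port", default="9000")
        findings.append(f"server: native port {port} listens on all interfaces")
    return findings


if __name__ == "__main__":
    for label, pair in (("weak", (WEAK_USERS, WEAK_SERVER)),
                        ("hardened", (HARDENED_USERS, HARDENED_SERVER))):
        print(label, audit(*pair))
```

All three findings together (passwordless user, allow-all network, wildcard listener) correspond to a database that answers arbitrary SQL from the internet; fixing any one of them narrows the exposure, and fixing all three closes it.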
Security Implications:
The exposure created substantial security risks, potentially allowing attackers to:
– Access plaintext chat messages
– Retrieve sensitive logs
– Extract passwords and local files
– Access proprietary information
Response and Concerns:
– DeepSeek promptly addressed the exposure after Wiz’s notification
– The incident raises concerns about the company’s security infrastructure
– As a China-based company, DeepSeek must comply with government data access requests
– The exposure coincided with recent cyberattacks that forced DeepSeek to temporarily suspend new user registrations
This security breach highlights significant vulnerabilities in DeepSeek’s infrastructure and raises questions about the platform’s ability to protect sensitive user data and maintain robust security measures.