DeepSeek’s AI success – overshadowed by security breach


A massive data leak from AI startup DeepSeek has raised alarms about the security of sensitive user data in the rapidly evolving AI industry.

Cybersecurity researchers at Wiz recently found a major security lapse at DeepSeek, a Chinese AI startup. The company, known for its DeepSeek-R1 AI model, had left a ClickHouse database exposed — an oversight with serious consequences.

Over a million log entries, containing chat history, secret keys, and backend details, were left unprotected in the exposed database. Worse, the database allowed full administrative control without authentication, making it a goldmine for potential attackers.

The exposed data included API secrets, internal logs, and even plaintext chat messages, posing a severe risk to both DeepSeek and its users. Wiz researchers responsibly disclosed the issue to DeepSeek, which promptly secured the database.

How the breach was discovered

Wiz’s research team identified the issue while analyzing DeepSeek’s external security posture. They initially mapped out DeepSeek’s internet-facing domains and found several subdomains, most appearing harmless.

However, deeper analysis revealed two unusual open ports — 8123 and 9000 — linked to publicly exposed ClickHouse database instances. These instances were completely unprotected, allowing anyone to access and manipulate data without authentication.

Using basic SQL queries through ClickHouse’s built-in web interface, Wiz researchers found a table named “log_stream,” which contained extensive logs with sensitive information. The logs included timestamps, references to internal DeepSeek API endpoints, and plaintext chat messages, as well as operational metadata.

[Figure: plaintext chat messages from DeepSeek's exposed logs. The leak included chat messages. Image credit: Wiz Research]

Such unrestricted access could have allowed attackers to extract passwords, local files, and proprietary data.
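Operators can check their own ClickHouse deployments for the exposure pattern described above: a server listening on all interfaces on ports 8123 and 9000, with an account that needs no password. The following audit script is an added example, not code from Wiz or DeepSeek. The XML is constructed sample input and the check assumes password-based accounts only.

```python
# Added example: audit ClickHouse config.xml / users.xml for the exposure
# pattern in the article. Sample XML is constructed, not DeepSeek's config.
# Assumption: password-based auth only (LDAP, Kerberos, certs not handled).
import ipaddress
import xml.etree.ElementTree as ET

SAMPLE_CONFIG = """<clickhouse>
  <listen_host>0.0.0.0</listen_host>
  <http_port>8123</http_port>
  <tcp_port>9000</tcp_port>
</clickhouse>"""

SAMPLE_USERS = """<clickhouse><users>
  <default>
    <password></password>
    <networks><ip>::/0</ip></networks>
  </default>
  <app>
    <password_sha256_hex>CONSTRUCTED_PLACEHOLDER_HASH</password_sha256_hex>
    <networks><ip>10.0.0.0/8</ip></networks>
  </app>
</users></clickhouse>"""

HASH_TAGS = ("password_sha256_hex", "password_double_sha1_hex")
WILDCARD_HOSTS = {"0.0.0.0", "::"}

def audit(config_xml, users_xml):
    """Return a list of human-readable findings for risky settings."""
    findings = []
    cfg = ET.fromstring(config_xml)
    hosts = [h.text.strip() for h in cfg.findall("listen_host") if h.text]
    if any(h in WILDCARD_HOSTS for h in hosts):
        ports = [cfg.findtext(t) for t in ("http_port", "tcp_port")]
        findings.append(f"server listens on all interfaces, ports {ports}")
    for user in ET.fromstring(users_xml).find("users"):
        # A user is protected if a plaintext or hashed password is set.
        has_secret = bool((user.findtext("password") or "").strip()) or any(
            (user.findtext(t) or "").strip() for t in HASH_TAGS)
        nets = [ipaddress.ip_network(n.text.strip(), strict=False)
                for n in user.findall("networks/ip") if n.text]
        if not has_secret:
            findings.append(f"user '{user.tag}' has no password")
        if any(n.prefixlen == 0 for n in nets):  # ::/0 or 0.0.0.0/0
            findings.append(f"user '{user.tag}' accepts connections from any address")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, SAMPLE_USERS):
        print("FINDING:", finding)
```
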

While the exposure was quickly patched, it raises larger concerns about DeepSeek’s infrastructure and the risks tied to its rapid growth.

DeepSeek’s rapid rise brings success & security concerns

DeepSeek’s data leak comes at a pivotal moment for the company. Despite its security lapse, the AI startup has seen a dramatic rise, topping the U.S. App Store and many others worldwide.

The company’s rapid success stems from its ability to deliver high-quality AI responses at a fraction of the cost of Western competitors like OpenAI’s ChatGPT. However, the very infrastructure that enabled this growth — the lightweight, cost-effective model — also appears to have contributed to its security vulnerabilities.

Given the U.S. government’s history of restricting Chinese tech firms like Huawei and TikTok, DeepSeek may face regulatory hurdles if concerns over data security persist.


