DeepSeek Exposes Unsecured Databases with User Chat Records
/ 1 min read
🔍 DeepSeek exposes sensitive user data in unsecured databases. The Chinese AI startup DeepSeek has publicly revealed two unsecured databases containing over a million log entries, including user chat histories, API keys, and operational metadata. Discovered by Wiz Research during a security assessment, the databases were accessible without authentication, allowing arbitrary SQL queries. This exposure poses significant risks, as attackers could retrieve sensitive logs and potentially exfiltrate passwords and proprietary information. Although DeepSeek has since secured the databases, concerns remain about the company’s overall security posture, especially given its compliance with China’s stringent data access laws. The incident raises alarms for organizations using DeepSeek’s AI model for sensitive operations, particularly following recent cyberattacks that forced the company to suspend new user registrations.
