The startup Buzzy Chinese Artificial Intelligence (AI) Deepseek, who has experienced a dazzling increase in popularity in recent days, has left one of its databases on the Internet, which could have allowed malicious actors to access sensitive data.
The clickhouse database “allows complete control over database operations, including the possibility of accessing internal data”, Wiz Gal Nagli security researcher said.
The exhibition also includes more than a million newspaper flow lines containing cat history, secret keys, backend details and other very sensitive information, such as API secrets and operational metadata. Deepseek has since connected the security hole according to the attempts of the cloud safety company to contact them.
The database, hosted at Oauth2Callback.deepseek (.) Com: 9000 and Dev.deepseek (.) Com: 9000, would have enabled unauthorized access to a wide range of information. The exhibition, noted Wiz, allowed a complete control of the database and an escalation of potential privilege in the Deepseek environment without requiring authentication.
This involved taking advantage of the HTTP interface in Clickhouse to execute arbitrary SQL requests directly via the web browser. It is currently not known if other malicious players have entered the possibility of accessing or downloading the data.
“The rapid adoption of IA services without corresponding security is intrinsically risky,” Nagli said in a press release shared with the Hacker News. “Although a large part of the attention concerning the security of AI focuses on futuristic threats, real dangers often come from basic risks, such as the accidental external exposure of databases.”
“Customer data protection must remain absolute priority for security teams, and it is crucial that security teams work in close collaboration with AI engineers to protect data and prevent exhibition.”
Deepseek has become the subject of the day in AI circles for its revolutionary opening models which claim to compete with the main AI systems as Openai, while being effective and profitable. His R1 reasoning model has been greeted Like “the spoutnik moment of AI”.
The IA chatbot of the OI is run up of the list of the App Store through Android and iOS on several markets, even if it has become the target of “large -scale malicious attacks”, which has it prompted to temporarily suspend registrations.
In a update Published on January 29, 2025, the company said that it had identified the problem and that it tried to implement a fix.
At the same time, the company was also at the end of the examination of its privacy policies, without forgetting that its Chinese ties become a question of national security concern for the United States.
In addition, Deepseek applications has become unavailable In Italy, shortly after the country’s data protection regulator, the Guarantor asked for information on its data processing practices and where it obtained its training data. It is not known if the withdrawal of applications was in response to the questions of the guard dog. A similar request was also sent by the Irish Data Protection Commission (DPC).
Bloomberg,, Financial timeAnd The Wall Street Journal have also noted that Openai and Microsoft wonder if Deepseek used the Openai Application Programming Interface (API) without the authorization to form its own models on the output of Openai systems, an approach called distillation.
“We know that the groups in (China) are actively working to use methods, including what is called distillation, to try to reproduce the AI AI AI EDUCED models”, an OPENAI spokesperson said The goalkeeper.