AI News Security

DeepSeek AI Leak: Security Lapse Exposes Over a Million Log Entries, API Keys, and Chat Data

/ by Corentin C | Leave a comment

deepseek website

Chinese AI startup DeepSeek, which has recently gained widespread attention for its DeepSeek-R1 reasoning model, suffered a major security lapse that left a ClickHouse database publicly accessible online. The breach exposed over a million log lines, including chat history, API keys, backend service details, and sensitive metadata, raising serious concerns about the company’s security practices.

Unrestricted Database Access and Critical Risks

Security researchers from Wiz discovered that DeepSeek’s database, hosted at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000, was left unprotected, allowing unauthenticated users to execute arbitrary SQL queries. This level of access meant that attackers could potentially:

  • Retrieve chat logs and plaintext API secrets
  • Extract internal files and sensitive backend information
  • Escalate privileges and execute malicious commands
Source: Wiz Research
Source: Wiz Research

The breach underscores how rushing to deploy AI services without proper security measures can expose sensitive infrastructure.

How the Leak Was Discovered

Researchers mapped DeepSeek’s external attack surface, identifying around 30 subdomains. While most were routine chatbot interfaces and documentation pages, further investigation uncovered two open ClickHouse database ports (8123 and 9000).

ClickHouse, a popular real-time analytics database, allows direct HTTP-based SQL query execution. Wiz researchers accessed the /play endpoint and listed database tables, revealing a log_stream table containing highly sensitive data, including plaintext logs of user conversations and API credentials.

“An attacker with access to this database could retrieve plaintext passwords, sensitive server data, and proprietary AI information,” Wiz Research reported.

DeepSeek’s Response and Growing Scrutiny

Upon being notified, DeepSeek quickly secured the exposed database but has not yet provided an official statement. The incident comes at a sensitive time for the company, as it faces increasing scrutiny:

  • Privacy Concerns: Italy’s data protection regulator blocked DeepSeek’s apps, requesting details about its data handling practices. Ireland’s Data Protection Commission has also sent inquiries.
  • Ties to China: DeepSeek’s Chinese origins have raised national security concerns in the U.S.
  • Plagiarism Allegations: Reports suggest OpenAI and Microsoft are investigating whether DeepSeek used OpenAI’s API to train its models, a method known as distillation.

A Wake-Up Call for AI Security

This breach highlights the real-world risks of AI security, not just futuristic concerns like adversarial attacks. Failing to secure AI infrastructure can lead to serious data leaks, privacy violations, and national security risks.

“As organizations race to adopt AI, security frameworks are often overlooked,” Wiz Research stated. “This incident serves as a wake-up call for the entire industry.”

Stay Updated with ToolsLib! 🚀
Join our community to receive the latest cybersecurity tips, software updates, and exclusive insights straight to your inbox!

Tagged

You might also like

Ollama: Run Large Language Models Locally with Ease

Ollama is your go-to tool for running large language models (LLMs) locally. From popular models like Llama 2 and Mistral to specialized ones like DeepSeek Coder, Ollama ensures privacy, cost efficiency, and seamless model management. Perfect for developers, researchers, and enthusiasts!

Read more »

deepseek website

DeepSeek Faces Massive Cyberattack

DeepSeek, the Chinese AI app that recently overtook ChatGPT in App Store downloads, is under attack. Facing a large-scale cyberattack, the platform has limited new user registrations but remains accessible to existing users. This incident underscores growing cybersecurity risks in the AI industry amidst DeepSeek's rapid rise and global impact.

Read more »

Microsoft Dev Home: Reaching the End of the Road

Microsoft Dev Home, a platform for developers on Windows, will reach its end-of-life in May 2025. With its customizable dashboard, machine configuration tools, and app installation features, it aimed to streamline developer workflows. As Microsoft sunsets the app, now is the time to explore alternatives.

Read more »

deepseek website

DeepSeek-R1: A Revolutionary AI Model Shaking Up the Industry

DeepSeek-R1 is revolutionizing AI with its cutting-edge capabilities and unbeatable cost efficiency. Rivaling OpenAI’s o1 model, this open-source innovation delivers advanced performance in mathematics, code generation, and human-like reasoning, all while being 27 times more affordable.

Read more »

Crypto Wallet

Guide: How to Secure Your Crypto Wallet

Your crypto wallet is the key to your digital assets, making its security vital. This guide covers the best practices for protecting your wallet, from strong passwords to hardware wallets, and avoiding common mistakes. Stay safe in the world of cryptocurrencies!

Read more »

windows 11

Enforcing Windows Updates on Windows 11: What You Need to Know About the 24H2 Update

Windows 11's 24H2 update is now mandatory for all eligible users, bringing exciting features like Wi-Fi 7 compatibility and improved energy management. However, with long installation times and potential software issues, preparation is key. Find out how to schedule updates, set active hours, and avoid surprises in our guide.

Read more »

7-zip-7z-file-archiver-data-compression

Critical 7-Zip Vulnerability Allows Attackers to Bypass Windows Security Features

A high-severity vulnerability in 7-Zip, tracked as CVE-2025-0411, enables attackers to bypass the Windows Mark of the Web (MotW) security feature, putting users at risk of malware. This issue, stemming from improper handling of archived files, has been addressed in version 24.09. Learn why updating your software is critical to maintaining your security.

Read more »

tiktok us ban

TikTok Banned in the United States: What It Means for Users and Social Media Landscape

The TikTok ban in the United States has left millions of users without access, raising questions about data privacy and national security. Discover the reasons behind the ban, the implications for users, and how this decision is reshaping the social media landscape.

Read more »

openai-chatgpt

Introducing Scheduled Tasks in ChatGPT: A Game-Changer for Automation (Beta)

ChatGPT introduces Scheduled Tasks, a new beta feature that revolutionizes automation. Whether you need daily briefings, reminders, or task management, this tool enables ChatGPT to run prompts and assist proactively, even while you're offline. Ideal for boosting productivity and simplifying routines!

Read more »

microsoft-patch-tuesday

January 2025 Windows Update: Key Highlights from Patch Tuesday

The January 2025 Windows Update brings cumulative updates KB5050009 and KB5050021, enhancing security and addressing critical issues. Explore the changes, known bugs, and tips for smooth installation.

Read more »

Critical Windows Vulnerability – PoC for CVE-2024-43452 Now Available

A new PoC exploit for CVE-2024-43452 affects Windows 11 23H2, allowing attackers to escalate privileges to SYSTEM level through malicious SMB responses. This flaw, discovered by Google Project Zero, exposes serious risks, and Microsoft has already addressed it in the November 2024 updates. Apply the patch immediately and follow best practices to secure your systems.

Read more »

High-Severity Vulnerability Found in Dell SupportAssist: CVE-2024-52535

A newly disclosed vulnerability, CVE-2024-52535, in Dell SupportAssist could allow attackers to escalate privileges and delete critical files. Affecting both Home and Business PC versions, this high-severity flaw highlights the importance of updating to the latest software versions. Find out how to mitigate this risk effectively.

Read more »

To top

Table of Contents

Index
×