The startup Buzzy Chinese Artificial Intelligence (AI) Deepseek, who has experienced a dazzling increase in popularity in recent days, has left one of its databases on the Internet, which could have allowed malicious actors to access sensitive data.
The clickhouse database “allows complete control over database operations, including the possibility of accessing internal data,” said Gal Nagli, Wiz security researcher.
The exhibition also includes more than a million newspaper flow lines containing cat history, secret keys, backend details and other very sensitive information, such as API secrets and operational metadata. Deepseek has since connected the security hole according to the attempts of the cloud safety company to contact them.
The database, hosted at Oauth2Callback.deepseek (.) Com: 9000 and Dev.deepseek (.) Com: 9000, would have enabled unauthorized access to a wide range of information. The exhibition, noted Wiz, allowed a complete control of the database and an escalation of potential privilege in the Deepseek environment without requiring authentication.
This involved taking advantage of the HTTP interface in Clickhouse to execute arbitrary SQL requests directly via the web browser. It is currently not known if other malicious players have entered the possibility of accessing or downloading the data.
“The rapid adoption of IA services without corresponding security is intrinsically risky,” Nagli said in a press release shared with the Hacker News. “Although a large part of the attention concerning the security of AI focuses on futuristic threats, real dangers often come from basic risks, such as the accidental external exposure of databases.”
“Customer data protection must remain absolute priority for security teams, and it is crucial that security teams work in close collaboration with AI engineers to protect data and prevent exhibition.”
Deepseek has become the subject of the day in AI circles for its revolutionary opening models which claim to compete with the main AI systems as Openai, while being effective and profitable. His model of reasoning R1 was praised as “the spoutnik moment of AI”.
The IA chatbot of the OI is run up of the list of the App Store through Android and iOS on several markets, even if it has become the target of “large -scale malicious attacks”, which has it prompted to temporarily suspend registrations.
In an update published on January 29, 2025, the company said that it had identified the problem and that it tried to implement a fix.
At the same time, society was also at the end of the maintenance of its confidentiality policies, not to mention its Chinese ties becoming a question of concern for national security for the United States.
In addition, Deepseek applications have become unavailable in Italy shortly after the country’s data protection regulator requested information on its data processing practices and where it obtained its training data. It is not known if the withdrawal of applications was in response to the questions of the guard dog.
Bloomberg, the Financial Times, and the Wall Street Journal also reported that Optaai and Microsoft wonder if Deepseek used the Openai Application Programming Interface (API) without the authorization to train its own models on the Out of OpenAi systems, an approach called as distillation.
“We know that the groups in (China) are actively working to use methods, including what is called distillation, to try to reproduce the AI AI advanced models,” an OpenAI spokesperson told Guardian .