Incident

Researchers discover unprotected DeepSeek servers leaking sensitive records



Security researchers at Wiz have discovered a data leak incident at DeepSeek, the Chinese AI startup known for its DeepSeek-R1 reasoning model. The incident involved an unsecured ClickHouse database that was publicly accessible without any authentication mechanisms, hosted at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000.

The exposed database included sensitive information spanning over a million log entries, with data recorded from January 6, 2025. The following sensitive data types were exposed:

  • User chat histories and interactions with the AI assistant
  • API secrets and encryption keys
  • Backend system details and operational metadata
  • Internal DeepSeek API endpoints
  • Directory structures and server configurations
  • Log streams containing operational data
  • Plaintext passwords
  • Proprietary information

The number of affected individuals has not been disclosed.

The unauthenticated interface granted full administrative control over the database. Potential attackers could therefore not only read the stored data but also potentially execute arbitrary SQL queries and access local files on DeepSeek's servers, depending on the ClickHouse configuration.
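A defender-side check for the misconfiguration described above, as an added example that is not from Wiz or DeepSeek: it audits a ClickHouse server config and users file for accounts with no authentication on a server that listens on all interfaces. The sample XML is constructed, the finding strings are this example's own, and only users defined in XML are examined.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample input, not DeepSeek's configuration: the server listens
# on every interface and the "default" user has an empty password.
SAMPLE_CONFIG = """<clickhouse>
  <listen_host>0.0.0.0</listen_host>
  <tcp_port>9000</tcp_port>
</clickhouse>"""
SAMPLE_USERS = """<clickhouse><users>
  <default><password></password><networks><ip>::/0</ip></networks></default>
  <app><password_sha256_hex>PLACEHOLDER_HASH</password_sha256_hex>
       <networks><ip>10.0.0.0/8</ip></networks></app>
</users></clickhouse>"""
# Credential elements this example recognises; extend for other mechanisms.
PASSWORD_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")
EXTERNAL_AUTH_TAGS = ("ldap", "kerberos", "ssl_certificates")

def listens_everywhere(host):
    """True for the unspecified address (0.0.0.0 or ::)."""
    try:
        return ipaddress.ip_address(host.strip()).is_unspecified
    except ValueError:  # a hostname such as "localhost"
        return False

def allows_any_source(cidr):
    """True for an explicit catch-all network entry (0.0.0.0/0 or ::/0)."""
    try:
        return ipaddress.ip_network(cidr.strip(), strict=False).prefixlen == 0
    except ValueError:
        return False

def audit(config_xml, users_xml):
    """Return findings for a ClickHouse server config and users file."""
    findings = []
    cfg, users = ET.fromstring(config_xml), ET.fromstring(users_xml)
    exposed = any(listens_everywhere(h.text or "") for h in cfg.iter("listen_host"))
    if exposed:
        findings.append("server: listen_host binds all interfaces")
    for user in users.findall("./users/*"):
        has_secret = any((user.findtext(t) or "").strip() for t in PASSWORD_TAGS)
        external = any(user.find(t) is not None for t in EXTERNAL_AUTH_TAGS)
        open_net = any(allows_any_source(ip.text or "") for ip in user.iter("ip"))
        if not (has_secret or external):
            severity = "CRITICAL" if exposed and open_net else "HIGH"
            findings.append(f"{severity}: user '{user.tag}' has no authentication")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG, SAMPLE_USERS)))
```

Run it against the fully merged configuration rather than a single override file, since ClickHouse combines the main files with any drop-in overrides.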

Wiz Research immediately disclosed the vulnerability to DeepSeek through responsible disclosure procedures. The company locked down the exposed databases within an hour of notification. It is not clear whether other parties discovered and potentially exploited the exposure before remediation.

The incident has drawn significant regulatory attention. The US National Security Council (NSC) is reviewing DeepSeek's implications for national security. Italy's data protection authority (Garante) and Ireland's Data Protection Commission (DPC) are launching investigations into DeepSeek's data handling practices.
