Fast Feed

DeepSeek database left user data, chat histories exposed for anyone to see

1 min read

Summary

  • DeepSeek, a Beijing-based artificial intelligence (AI) startup that offers a chatbot, left a database open and without authentication, according to cloud security firm Wiz.
  • Researchers found more than one million log lines in the ClickHouse data management system, including user chat histories, API authentication keys and system logs.
  • This exposed information could have provided access to DeepSeek’s internal systems and allowed for full control of the database.
  • Following notification, the database was secured, but it is not known whether any unauthorised access occurred, although the ease with which the database was found would suggest that it may have been accessed by bad actors.
  • Wiz also claimed the systems were formatted in a similar way to those used by OpenAI, which recently accused DeepSeek of stealing its data.

Original Article

Backlinks