DeepSeek Exposed Sensitive Data To Internet: Report
IDC, Friday, January 31st, 2025
DeepSeek accidentally exposed personal data and chat histories to anyone on the internet, cybersecurity firm Wiz Research revealed Wednesday.
Wiz said scans of DeepSeek's infrastructure showed the Chinese artificial intelligence (AI) company inadvertently left more than 1 million records unsecured on a publicly accessible database.
DeepSeek has secured a 'completely open' database that exposed user chat histories, system logs, user prompt submissions, API authentication keys, and other sensitive information, Wiz researchers found. 'More critically, the exposure allowed for full database control and potential privilege escalation within the DeepSeek environment without any authentication or defense mechanism to the outside world,' Wiz said.