Original Article Text

DeepSeek AI exposed databases with user chat history, API keys

DeepSeek, the Chinese AI startup known for its DeepSeek-R1 LLM model, has publicly exposed two databases containing sensitive user and operational information. The unsecured ClickHouse instances reportedly held over a million log entries containing user chat history in plaintext form, API keys, backend details, and operational metadata.

Wiz Research discovered this exposure during a security assessment of DeepSeek's external infrastructure. The security firm found two publicly accessible database instances at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000 that allowed arbitrary SQL queries via a web interface without requiring authentication. The databases contained a 'log_stream' table that stored sensitive internal logs dating from January 6, 2025, containing:

"This level of access posed a critical risk to DeepSeek's own security and for its end-users," comments Wiz. "Not only an attacker could retrieve sensitive logs and actual plaintext chat messages, but they could also potentially exfiltrate plaintext passwords and local files along proprietary information directly from the server using queries like: SELECT * FROM file('filename') depending on their ClickHouse configuration."

Wiz says it could execute more intrusive queries but limited its exploration to enumeration to keep its research within certain ethical constraints. It is unknown if Wiz's researchers were the first to discover this exposure or if malicious actors have already taken advantage of the misconfiguration. In any case, Wiz informed DeepSeek of the matter, and the company promptly addressed the exposure, so the databases are no longer public.
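The misconfiguration described above, a ClickHouse server reachable from anywhere that accepts queries without credentials, can be caught by reviewing the server's own configuration files. The following is an added example, not code from the article or from Wiz: the function name `audit` is hypothetical, the XML samples are constructed, and only password-based authentication is checked.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample configs for illustration (not DeepSeek's real files).
WEAK_CONFIG = "<clickhouse><listen_host>0.0.0.0</listen_host></clickhouse>"
WEAK_USERS = """<clickhouse><users><default>
  <password></password>
  <networks><ip>::/0</ip></networks>
</default></users></clickhouse>"""
HARDENED_CONFIG = "<clickhouse><listen_host>127.0.0.1</listen_host></clickhouse>"
HARDENED_USERS = """<clickhouse><users><default>
  <password_sha256_hex>CONSTRUCTED_PLACEHOLDER_HASH</password_sha256_hex>
  <networks><ip>10.0.0.0/8</ip></networks>
</default></users></clickhouse>"""

# Password-style credential elements; LDAP, Kerberos and certificate
# authentication are outside the scope of this sketch.
CRED_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")


def audit(config_xml: str, users_xml: str) -> list[str]:
    """Return findings for a server that is both exposed and unauthenticated."""
    findings = []
    cfg = ET.fromstring(config_xml)
    hosts = [h.text.strip() for h in cfg.findall("listen_host") if h.text]
    wildcard = [h for h in hosts if h in ("0.0.0.0", "::")]
    if wildcard:
        findings.append(f"server listens on all interfaces: {wildcard}")

    for user in ET.fromstring(users_xml).findall("users/*"):
        # An absent or empty credential element means no password is required.
        has_cred = any((user.findtext(t) or "").strip() for t in CRED_TAGS)
        if not has_cred:
            findings.append(f"user '{user.tag}' has no password")
        # A /0 prefix (0.0.0.0/0 or ::/0) admits clients from any address.
        nets = [n.text.strip() for n in user.findall("networks/ip") if n.text]
        if any(ipaddress.ip_network(n, strict=False).prefixlen == 0 for n in nets):
            findings.append(f"user '{user.tag}' accepts connections from any address")
    return findings


if __name__ == "__main__":
    for name, cfg, users in (("weak", WEAK_CONFIG, WEAK_USERS),
                             ("hardened", HARDENED_CONFIG, HARDENED_USERS)):
        print(name, audit(cfg, users) or "no findings")
```

Any one finding on its own may be intentional; the combination of all three on an internet-facing host matches the exposure the article reports.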
DeepSeek's security problems

Apart from all the concerns that arise from DeepSeek being a China-based technology company, meaning it has to comply with aggressive data access requests from the country's government, the company does not appear to have established a solid security stance, placing sensitive data at risk.

The exposure of user prompts is a privacy breach that should be very concerning for organizations using the AI model for sensitive business operations. Additionally, the exposure of backend details and API keys could give attackers a way into DeepSeek's internal networks and enable privilege escalation and potentially larger-scale breaches.

Earlier this week, the Chinese platform was targeted by persistent cyberattacks, which it appeared unable to thwart, forcing it to suspend new user registrations for nearly 24 hours.

Daily Brief Summary

DATA BREACH // DeepSeek AI Exposes Sensitive Data, Endangering User Privacy

Chinese AI startup DeepSeek inadvertently made two databases public, revealing sensitive user history and operational data.

Over a million log entries, including plaintext user interactions and API keys, were accessible without proper security measures.

Security firm Wiz Research identified these unsecured databases allowing unrestricted SQL queries through two different web portals.

The lack of security could permit attackers to fetch plaintext passwords, chat messages, and even proprietary information directly from DeepSeek's servers.

Prior to notification by Wiz Research, it is unclear whether these vulnerabilities were exploited by malicious actors.

Following notification, DeepSeek swiftly restricted database access, though any data leaked before the fix remains a concern.

The incident underlines ongoing security issues for DeepSeek, compounded by being based in China where the government mandates strict data controls.

Earlier in the week, DeepSeek experienced a series of cyberattacks, which led to the temporary suspension of new user registrations.