Powered by MOMENTUM MEDIA
cyber daily logo


DeepSeek exposes 2 databases containing 1m records

DeepSeek, the Chinese AI company disrupting the market, has leaked a million chat records after leaving two databases publicly exposed.

Daniel Croft
Mon, 03 Feb 2025

Wiz Research discovered the databases during a security assessment of DeepSeek’s external infrastructure.

The team found two ClickHouse instances that contained over a million chat log records, which included API keys, operational metadata, back-end information and plaintext user chat history.

“We found a publicly accessible ClickHouse database linked to DeepSeek, completely open and unauthenticated, exposing sensitive data. It was hosted at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000,” said Wiz.

“The exposure allowed for full database control and potential privilege escalation within the DeepSeek environment, without any authentication or defence mechanism to the outside world.”

On both ClickHouse instances, anyone could run SQL queries through a web interface without authenticating.

Wiz discovered the sensitive information in the database’s “log_stream” table.

“This level of access posed a critical risk to DeepSeek’s own security and for its end-users,” said Wiz.

“Not only an attacker could retrieve sensitive logs and actual plaintext chat messages, but they could also potentially exfiltrate plaintext passwords and local files along with proprietary information directly from the server using queries like: SELECT * FROM file('filename') depending on their ClickHouse configuration.”

Wiz has since informed DeepSeek of the security issue and the company has dealt with the fault, but there is no certainty that the flaw was not used by threat actors.

Wiz also refrained from pushing deeper with its SQL queries to avoid breaching ethical limitations.
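For operators who want to check their own ClickHouse deployments for the condition Wiz describes, the following added example (not from this article or from Wiz) parses a users.xml file and flags accounts that have no credential and accept connections from any address. The sample configuration is constructed, and treating a missing networks block as unrestricted is a conservative assumption made here.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample of a ClickHouse users.xml, not taken from any real deployment.
SAMPLE_USERS_XML = """
<clickhouse>
  <users>
    <default>
      <password></password>
      <networks><ip>::/0</ip></networks>
    </default>
    <ingest>
      <password_sha256_hex>PLACEHOLDER_SHA256_HEX</password_sha256_hex>
      <networks><ip>10.0.0.0/8</ip></networks>
    </ingest>
    <reporting>
      <password></password>
      <networks><ip>127.0.0.1</ip></networks>
    </reporting>
  </users>
</clickhouse>
"""

# Child elements that give a user an authentication method other than <password>.
CREDENTIAL_TAGS = ("password_sha256_hex", "password_double_sha1_hex",
                   "ldap", "kerberos", "ssl_certificates")

def has_credential(user):
    """True if the entry has a non-empty password or another auth method."""
    if (user.findtext("password") or "").strip():
        return True
    return any(user.find(tag) is not None for tag in CREDENTIAL_TAGS)

def open_to_any_address(user):
    """True if an <ip> entry covers every address (e.g. ::/0 or 0.0.0.0/0)."""
    if user.find("networks") is None:
        return True  # assumption: no restriction listed is treated as open
    for entry in user.findall("networks/ip"):
        try:
            net = ipaddress.ip_network((entry.text or "").strip(), strict=False)
        except ValueError:
            continue  # malformed entry, outside the scope of this check
        if net.prefixlen == 0:
            return True
    return False

def audit(xml_text):
    """Names of users that can log in with no credential from any address."""
    users = ET.fromstring(xml_text).findall("users/*")
    return sorted(u.tag for u in users
                  if not has_credential(u) and open_to_any_address(u))
```

On the sample, `audit(SAMPLE_USERS_XML)` returns `['default']`: the passwordless `reporting` account is not flagged because it is limited to localhost.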

Just last week, DeepSeek announced that it had suffered major cyber attacks on its services.

“Due to large-scale malicious attacks on DeepSeek’s services, we are temporarily limiting registrations to ensure continued service. Existing users can log in as usual. Thanks for your understanding and support,” it said.

While the company has not shared any details of the cyber attacks, media reports suggest that its API and Web Chat are suffering from distributed denial-of-service (DDoS) attacks.

The attack followed a recent outage affecting its user login and its application programming interface (API), but there is no indication that this was the result of a cyber incident.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.