Deepseek secured a “completely open” database, which revealed the stories of user chat, API interface authentication keys, system dailies and other confidential information, According to a company dealing in the cloud protection of the visa. Safety researchers found that they found a publicly available Chinese AI database in “minutes”, without authentication.
The exposed information was in the Open Source data management system called Clickhouse and consisted of over 1 million diary line. As the visa noted, the exhibition “allowed full control of the database and potential escalation of the right in the Deepseek environment”, which could give bad actors access to internal startup systems. These findings were First reported by Wired.
Deepseek “immediately secured” the database after Wiz informed about starting the problem.
It is still unclear whether anyone was able to access the disclosed data, but scientists said Wire, “It would not be a surprise, considering how easy the discovery was.” Wiz scientists also said The Outlet that Deepseek is designed similar to operai systems, “for details such as the API key format”. Opeli accused Deepseek of using his data to train his AI models at the beginning of this week.