DeepSeek AI Stumbles As Sensitive User Data Is Exposed To The Web

hero wizresearch deepseek heroimage
Before we get started, let's clarify this headline. "DeepSeek" is the name of a Chinese AI startup that has produced some very impressive AI models, given the limited resources at its disposal. It is also the name of that startup's mobile app, and it's the latter that we're specifically concerned about today. That is to say that DeepSeek's mobile app accidentally exposed a huge pile of potentially-sensitive user data to the open web, also known as the clearnet.

The folks who found it claim that "a publicly accessible database belonging to DeepSeek allowed full control over database operations, including the ability to access internal data." Oh boy.

Who were those folks? It was Israeli cybersecurity firm Wiz, who made the claims in a blog post today. The group says that it "set out to assess [DeepSeek's] external security posture and identify any potential vulnerabilities," and that it found the aforementioned public database "within minutes" of snooping around.

deepseek clickhouse dbms
A screenshot of the Clickhouse DBMS on DeepSeek's servers. Image: Wiz Research

While this database was hidden from a casual investigation—i.e. it wasn't linked anywhere on DeepSeek's pages—it was sitting wide open with no authentication required on port 9000 at two of the company's domain servers. Wiz says that the database included "a significant volume of chat history, backend data, and sensitive information, including log streams, API secrets, and operational details."

A Reuters report quoted Wiz's co-founder Ami Luttwak, noting that "they took it down in less than an hour, but this was so simple to find, we believe we're not the only ones who found it." That could be very concerning for anyone who has used the DeepSeek app on their Android or iOS devices.

We won't repeat all of Wiz's findings here; if you want to read all about the breach, you can hit the company's blog post for more information. However, this display of gross incompetence does throw some shade on DeepSeek's accomplishments. Perhaps the company full of AI engineers doesn't employ a cybersecurity expert? They probably should get on that.