DeepSeek leaves database of chat history wide open

deepseek

The much-discussed DeepSeek appears to have a lot to learn about security. Researchers discovered a database of chat conversations and other sensitive information that wasn’t even protected with a password.

You can’t escape it these past few days: the DeepSeek R1 model by Chinese company ScaleAI is stirring up tempers. The model was developed with trifling resources, and even Donald Trump is calling it a “wake-up call” for the U.S. tech industry. What ScaleAI seems to have been less savvy about is security because it left a database containing DeepSeek’s sensitive information wide open.

Wide open

Security firm Wiz took a close look at DeepSeek’s security and found a lack of it in particular. A database containing sensitive information such as users’ chat history was openly exposed on the Internet. The database was accessible through the open-source data platform ClickHouse and not even password protected. In addition to chat data, the database included log streams and operational info.

To make matters worse, according to Wiz researchers, it wasn’t even that difficult to gain full control of the database without having to go through any authentication. By playing around with queries, the researchers got their hands on a list of available datasets. One of those datasets included people’s chat history in plain text, API keys, backend data and operational metadata.

Basic risks

Wiz alerted DeepSeek to the poorly secured database and it has since reportedly been locked. But such discoveries do the company’s fledgling reputation no favors. “The rapid adoption of AI services without adequate security is risky,” a Wiz researcher told The Register. “Much of the attention around AI is focused on futuristic threats, but the real dangers often stem from basic risks – such as the inadvertent external exposure of databases.”

read also

Inside DeepSeek-AI stirs minds: how does it work, and what’s stolen?

DeepSeek’s rapid rise is also attracting the attention of regulators. Italy already decided to ban the app until DeepSeek clarifies how it processes users’ personal information. Its privacy statement states in black and white that its servers are located in China. In turn, OpenAI accuses DeepSeek of plagiarism, but that’s the pot calling the kettle black.