Cyber experts discovered a leak of confidential information from the DeepSeek database

Author:
Olha Bereziuk
Date:

Specialists from the New York cybersecurity company Wiz Research have discovered a significant amount of confidential data from the Chinese AI-based chatbot DeepSeek in the public domain.

This is stated on the Wiz Research website.

Cybersecurity experts found a publicly available ClickHouse

ClickHouse is an open source database management system built for fast analytical queries on large data sets.
database linked to DeepSeek, completely open and unauthenticated, containing sensitive data.

A scan of DeepSeekʼs infrastructure revealed that the company had accidentally left over a million rows of data unprotected.

The vulnerability allowed attackers to not only view sensitive system logs and unencrypted correspondence, but also potentially extract passwords in plaintext and download local files.

Moreover, according to experts, due to the lack of protection mechanisms, it was possible to fully control the DeepSeek database and elevate privileges in the system without authentication.

After discovering the problem, the researchers reported it to DeepSeek, who promptly restricted public access and removed the database from the internet.

What is DeepSeek?

DeepSeek was founded in 2023 by Liang Wenfeng, a 40-year-old graduate of the School of Information and Electronic Engineering. He set up a store for Nvidia A100 chips, which are now banned from being exported to China. Media reports suggest that this may have prompted him to launch DeepSeek, combining those chips with cheaper, lower-end ones that are still available for import.

DeepSeek is based on the open-source DeepSeek-V3 model. Some experts say that the model was developed for less than $6 million — competitors spend much more. However, other experts dispute this information.

The app comes as Washington restricts sales of advanced artificial intelligence chips to Beijing. To continue operating without imported components, Chinese developers have been sharing their work and experimenting with each other.

They have created AI models that require much less computing power than before. Accordingly, they are much cheaper — this could fundamentally change the industry.

In early January, DeepSeek boasted of performance on par with OpenAI products when the application is used to solve math problems, write code, etc.

The popularity of the development has already affected the markets: ASML, a Dutch chipmaker, has lost more than 10% of its shares, while Siemens Energy, a maker of AI-related equipment, has lost 21%. Nvidia shares have also fallen 16% to $118.26. As recently as June last year, it was the worldʼs most valuable company.

For more news and in-depth stories from Ukraine please follow us on X.