DeepSeek’s data breach exposes 1 million logs, triggering a global AI security crisis. Sensitive info leaked, raising alarms for the AI industry

Continue reading
In what can only be described as one of the most alarming data security breaches of the decade, the Chinese AI startup DeepSeek has exposed over a million lines of sensitive data through an unsecured, publicly accessible ClickHouse database. This breach is not just an inconvenience for DeepSeek—it signals a massive vulnerability in the world of AI and data security, raising alarming questions for the industry, regulators, and the privacy-conscious public.
DeepSeek has recently made headlines with its revolutionary AI models, particularly the DeepSeek-R1 reasoning model, which has stunned the AI community for its groundbreaking performance, efficiency, and affordability. While its technical achievements have sparked interest, security experts are now reeling from the exposure of critical vulnerabilities within the company’s infrastructure.
In a rapid investigation conducted by Wiz Research, a team of cybersecurity professionals discovered a massive exposure within DeepSeek’s backend systems.
The breach stemmed from a publicly accessible ClickHouse database hosted on unsecured servers at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000.
This database, which was not protected by any form of authentication, was wide open to anyone with a web browser and the most basic knowledge of database queries.
What was exposed was nothing short of catastrophic: over a million log entries, containing highly sensitive information such as private chat history, API keys, backend data, and operational metadata. The ClickHouse database, a popular columnar database system designed for real-time analytics, hosted not just casual logs but the very essence of DeepSeek’s infrastructure. Among the most alarming files were:
This data is far more than just inconvenient—it contains everything a malicious actor needs to access, control, or even disable DeepSeek’s services.
DeepSeek’s breach isn't just another security hole—it's a glaring oversight with enormous implications. The unprotected database allowed for full control over DeepSeek’s infrastructure, with no authentication or defense mechanisms in place. This means any attacker who stumbled upon the database could easily escalate privileges, tamper with the data, or exfiltrate sensitive information. While Wiz Research refrained from running intrusive queries, the discovery alone underscores a dangerous vulnerability.
But the worst is yet to come. While the exposed logs showed extensive chat history, which could compromise user privacy, they also exposed system configurations and API credentials that could allow hackers to gain unauthorized access to proprietary systems and perform malicious actions, such as data exfiltration or further system manipulation.
This breach should serve as a wake-up call to the AI community. While much of the focus on AI security has been placed on futuristic threats such as data poisoning or adversarial attacks, this incident highlights a more immediate and tangible risk—an AI startup's lack of basic security hygiene.
DeepSeek, which had raised its profile by promoting cost-effective AI services, now faces scrutiny not just for its AI performance but for its glaring failure to secure its backend infrastructure. As companies rush to deploy AI models at breakneck speed, they’re often overlooking the basic principles of secure application development, putting millions of users at risk.
For those wondering about the broader implications, this incident is more than a wake-up call for DeepSeek—it represents a critical security lapse in the growing AI sector. If an AI startup with the capabilities of DeepSeek can make such fundamental mistakes, what does that say for others working in the same space?
The scale of this breach isn't just a DeepSeek problem. It reflects a broader systemic issue in the AI and technology industries—one where speed to market and cost-cutting often outweighs robust security frameworks.
DeepSeek’s publicly exposed database further underscores the lack of regulatory oversight in this rapidly expanding sector. While data privacy laws like the GDPR (General Data Protection Regulation) in Europe and the CCPA (California Consumer Privacy Act) in the United States are designed to protect personal data, the enforcement of such laws has proven inadequate in holding tech companies accountable for fundamental security flaws.
The breach has already caught the attention of several watchdog organizations. Both the Irish Data Protection Commission (DPC) and Italy’s Data Protection Authority (DPA) have issued requests for more information regarding DeepSeek's data processing practices, citing concerns over the protection of European citizen data.
While DeepSeek's exposure was eventually secured, the question remains: What about other AI companies? As AI startups and tech giants continue to innovate at breakneck speeds, they must not forget that data security is just as important as the technology they create. The industry needs a shift in focus—security can't be an afterthought, it must be a priority.

A third-party software flaw inside one of Japan's largest telcos exposed login credentials for up to 14.2 million email accounts across six ISPs. The passwords? Some were hashed. Some may not have been