{"id":1717,"date":"2025-01-30T12:37:49","date_gmt":"2025-01-30T12:37:49","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=1717"},"modified":"2025-01-30T12:37:49","modified_gmt":"2025-01-30T12:37:49","slug":"deepseek-leaks-one-million-sensitive-records-in-a-major-data-breach","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=1717","title":{"rendered":"DeepSeek leaks one million sensitive records in a major data breach"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>A New York-based cybersecurity firm, Wiz, has uncovered a critical security lapse at DeepSeek, a rising Chinese AI startup, revealing a cache of sensitive data openly accessible on the internet.<\/p>\n<p>According to a report published by Wiz, the exposed data included over a million lines of log entries, digital software keys, backend details, and user chat history from DeepSeek\u2019s AI assistant. The firm\u2019s researchers found that DeepSeek had inadvertently left an unsecured ClickHouse database accessible online, raising significant security concerns for enterprises and governments globally.<\/p>\n<p>Wiz Chief Technology Officer Ami Luttwak confirmed <a href=\"https:\/\/www.wiz.io\/blog\/wiz-research-uncovers-exposed-deepseek-database-leak\">in a blog post<\/a> that DeepSeek swiftly acted to secure the database after being alerted.<\/p>\n<p>\u201cThey took it down in less than an hour,\u201d Luttwak stated in the blog post. \u201cBut this was so simple to find, we believe we\u2019re not the only ones who found it.\u201d<\/p>\n<p>The security breach comes at a time when DeepSeek has been making headlines for its AI advancements, particularly with its DeepSeek-R1 reasoning model, which has been hailed as a cost-effective alternative to leading US-based AI solutions. However, this incident underscores a major concern for enterprises adopting AI\u2014data security and the risks associated with rapid AI deployment.<\/p>\n<p>Earlier this week, the Chinese AI startup <a href=\"https:\/\/www.csoonline.com\/article\/3811185\/deepseek-hit-by-cyberattack-and-outage-amid-breakthrough-success.html\">claimed to have been hit by a cyberattack<\/a> prompting it to restrict user registration.<\/p>\n<h2 class=\"wp-block-heading\">What was exposed?<\/h2>\n<p>The security lapse at DeepSeek involved a publicly accessible ClickHouse database that contained over a million log entries. The exposed data included chat histories, backend details, API secrets, and sensitive operational information, the report added.<\/p>\n<p>According to Wiz Research, the database was entirely unprotected, allowing unrestricted access to internal logs and potentially compromising user interactions.<\/p>\n<p>The unprotected database also granted full administrative control over its contents. Attackers with access could have retrieved proprietary data, extracted plaintext passwords, and even accessed local files stored on DeepSeek\u2019s servers. Wiz researchers noted that there were no authentication mechanisms in place, making the breach particularly alarming.<\/p>\n<p>While DeepSeek acted swiftly to secure the exposed database after Wiz\u2019s disclosure, the incident highlights the growing security risks within AI-driven platforms. As AI models become more advanced, the infrastructure supporting them must also evolve to prevent such critical vulnerabilities.<\/p>\n<p>The breach posed a severe risk, not only to DeepSeek but also to its users, as attackers could potentially exploit the exposed credentials to gain deeper access into the company\u2019s systems.<\/p>\n<h2 class=\"wp-block-heading\">Regulatory and global scrutiny intensifies<\/h2>\n<p>The DeepSeek data leak comes amid increasing global scrutiny of Chinese AI firms. On Tuesday, <a href=\"https:\/\/www.computerworld.com\/article\/3812231\/us-officials-probe-chinas-deepseek-ai-amid-security-and-privacy-scrutiny.html\">White House Press Secretary Karoline Leavitt said<\/a> the US National Security Council (NSC) is reviewing DeepSeek\u2019s implications on the country\u2019s national security. Similarly, Italy\u2019s data protection authority, Garante, announced that it is seeking answers from DeepSeek on its handling of personal data. The Italian watchdog is demanding clarity on what data DeepSeek collects, its sources, purposes, legal basis, and whether the information is stored in China.<\/p>\n<p>Ireland has also launched an investigation, with the country\u2019s privacy watchdog, the Data Protection Commission (DPC), <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2025-01-29\/deepseek-quizzed-by-irish-watchdog-amid-china-data-fears\">reportedly<\/a> questioning the Chinese firm about how it processes its citizens\u2019 data.<\/p>\n<p>This regulatory action reflects broader concerns about China\u2019s AI ecosystem, which has rapidly gained traction and, in some cases, threatened the dominance of US AI companies. DeepSeek\u2019s success in overtaking OpenAI\u2019s ChatGPT on <a href=\"https:\/\/www.computerworld.com\/article\/3810490\/iphone-users-turn-on-to-deepseek-ai.html\">Apple\u2019s App Store<\/a> in the US earlier this week has further fueled anxieties about the company\u2019s influence.<\/p>\n<h2 class=\"wp-block-heading\">Security lapses could dampen AI adoption<\/h2>\n<p>Cybersecurity experts warn that AI startups, in their rush to scale, often overlook basic security hygiene.<\/p>\n<p>\u201cThe immediate security risks for AI applications stem from the infrastructure and tools supporting them,\u201d the blog stated highlighting the broader risks posed by AI infrastructure vulnerabilities. \u201cWhile much attention around AI security is focused on futuristic threats, the real dangers often come from basic misconfigurations.\u201d<\/p>\n<p>The DeepSeek incident serves as a stark reminder of the cybersecurity risks enterprises face when integrating third-party AI models. As companies increasingly rely on AI solutions for automation and decision-making, security teams must work closely with AI engineers to ensure that fundamental security measures \u2014 such as data encryption, authentication controls, and regular security audits \u2014 are in place.<\/p>\n<h2 class=\"wp-block-heading\">What\u2019s next for AI security?<\/h2>\n<p>With AI adoption accelerating across industries, security lapses like this highlight the urgent need for stringent cybersecurity frameworks. Regulatory bodies worldwide are expected to ramp up their oversight of AI firms, particularly those handling vast amounts of user data.<\/p>\n<p>As the AI arms race continues, businesses investing in AI technologies must remain vigilant about their cybersecurity postures. The DeepSeek breach serves as a cautionary tale for enterprises evaluating AI providers: security cannot be an afterthought.<\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3810766\/deepseek-triggers-shock-waves-for-ai-giants-but-the-disruption-wont-last.html\">DeepSeek\u2019s rapid rise<\/a> in the AI landscape has positioned it as a formidable player, but its recent security mishap raises critical questions about AI governance and risk management. For enterprises considering AI adoption, due diligence on security practices is more crucial than ever. <\/p>\n<p>As global regulators tighten scrutiny, the incident may set a precedent for how AI firms handle security and compliance. While DeepSeek may have acted swiftly to remediate the issue, the long-term impact of this exposure remains to be seen.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>A New York-based cybersecurity firm, Wiz, has uncovered a critical security lapse at DeepSeek, a rising Chinese AI startup, revealing a cache of sensitive data openly accessible on the internet. According to a report published by Wiz, the exposed data included over a million lines of log entries, digital software keys, backend details, and user [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":1718,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1717","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1717"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1717"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1717\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/1718"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1717"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1717"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1717"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}