DeepSeek’s Database With Chat History and Sensitive Information Leaked, Says Cybersecurity Firm

A cybersecurity firm found a publicly accessible ClickHouse database belonging to DeepSeek that shows internal data.

Advertisement
Written by Akash Dutta, Edited by Siddharth Suvarna | Updated: 31 January 2025 19:45 IST
Highlights
  • The leaked data includes over a million lines of log streams
  • It is said to contain chat history, secret keys, and backend details
  • Recently, DeepSeek said that it was hit by a cyberattack
DeepSeek’s Database With Chat History and Sensitive Information Leaked, Says Cybersecurity Firm

The firm said the DeepSeek data could be accessed without any external authentication

Photo Credit: Reuters

DeepSeek's dataset might have suffered public exposure, claimed a cybersecurity research firm. As per a report, a publicly accessible ClickHouse database belonging to DeepSeek was discovered which allowed full control over its database operations. Additionally, the exposure is also said to contain a large volume of sensitive information including chat history, secret keys, log times, and backend details. It is unclear whether the firm reported the matter to the Chinese AI firm, and if the exposed dataset has been taken down.

DeepSeek's Dataset Might Have Suffered a Breach

In a blog post, cybersecurity firm Wiz Research revealed that it found a completely open and unauthenticated dataset that contained highly sensitive information about the DeepSeek platform. The exposed information is said to pose a potential risk to both the AI firm as well as the end users.

The cybersecurity firm claimed that it intended to assess DeepSeek's external security to identify any potential vulnerabilities, given the rising popularity of the AI platform. The researchers started by mapping any Internet-facing subdomains but did not find anything that could suggest a high-risk exposure.

However, after implementing new techniques, the researchers were able to detect two open ports (8123 and 9000) associated with multiple public hosts. Wiz Research claimed that these ports led them to a publicly exposed ClickHouse database which could be accessed without any authentication.

Notably, ClickHouse is an open-source, columnar database management system developed by Yandex. It is used for fast analytical queries and is often used by ethical hackers to scan the dark web for exposed data.

A log stream table in the dataset is claimed to contain more than one million log entries including timestamps with logs from January 6, references to multiple internal DeepSeek application programming interface (API) endpoints, as well as chat history, API Keys, backend details, and operational metadata in plain-text.

Advertisement

The researchers claimed that with this level of information, a bad actor could potentially exfiltrate passwords, local files, and proprietary information directly from the server. At the time of writing this, there was no update on whether this data exposure can be contained and whether the dataset can be taken offline.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Vivo X200 FE Launched in India With 6,500mAh Battery, Compact Design
  2. Realme 15 Pro 5G Display, Battery Details Confirmed Ahead of India Launch
  3. iQOO Z10R India Launch Teased; May Get MediaTek Dimensity 7400 SoC
  4. Vivo X Fold 5 Launched in India With 8.03-Inch Foldable Display
  5. Amazon Prime Day Sale 2025: iPhone 16e Deal You Shouldn't Miss
  6. Samsung Galaxy S25 FE Key Specifications Leaked: All Details
  1. Qualcomm Working On New Snapdragon SW6100 SoC for Wearables: Report
  2. Google Said to Be Adding a Search Bar to Gemini’s Android App
  3. Shubhanshu Shukla Bids Farewell from ISS, Honours India’s Space Legacy
  4. Realme 15 Pro 5G Display, Battery, Charging Features Revealed Ahead of July 24 India Launch
  5. Apple Smart Home Hub Launch Delayed to 2026: Mark Gurman
  6. Google Working On New AI Feature for Gboard to Improve Voice Typing Feature: Report
  7. Vivo X200 FE Launched in India With MediaTek Dimensity 9300+ SoC, 6,500mAh Battery
  8. Vivo X Fold 5 Launched in India With 8.03-Inch Foldable Screen, 50-Megapixel Telephoto Camera
  9. Samsung Confirms Some Galaxy AI Features Will Remain Free After 2025: Report
  10. Amazon Prime Day Sale 2025: Check This Last Minute Deal on iPhone 16e
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.