DeepSeek’s Database With Chat History and Sensitive Information Leaked, Says Cybersecurity Firm

A cybersecurity firm found a publicly accessible ClickHouse database belonging to DeepSeek that shows internal data.

Advertisement
Written by Akash Dutta, Edited by Siddharth Suvarna | Updated: 31 January 2025 19:45 IST
Highlights
  • The leaked data includes over a million lines of log streams
  • It is said to contain chat history, secret keys, and backend details
  • Recently, DeepSeek said that it was hit by a cyberattack
DeepSeek’s Database With Chat History and Sensitive Information Leaked, Says Cybersecurity Firm

The firm said the DeepSeek data could be accessed without any external authentication

Photo Credit: Reuters

DeepSeek's dataset might have suffered public exposure, claimed a cybersecurity research firm. As per a report, a publicly accessible ClickHouse database belonging to DeepSeek was discovered which allowed full control over its database operations. Additionally, the exposure is also said to contain a large volume of sensitive information including chat history, secret keys, log times, and backend details. It is unclear whether the firm reported the matter to the Chinese AI firm, and if the exposed dataset has been taken down.

DeepSeek's Dataset Might Have Suffered a Breach

In a blog post, cybersecurity firm Wiz Research revealed that it found a completely open and unauthenticated dataset that contained highly sensitive information about the DeepSeek platform. The exposed information is said to pose a potential risk to both the AI firm as well as the end users.

The cybersecurity firm claimed that it intended to assess DeepSeek's external security to identify any potential vulnerabilities, given the rising popularity of the AI platform. The researchers started by mapping any Internet-facing subdomains but did not find anything that could suggest a high-risk exposure.

However, after implementing new techniques, the researchers were able to detect two open ports (8123 and 9000) associated with multiple public hosts. Wiz Research claimed that these ports led them to a publicly exposed ClickHouse database which could be accessed without any authentication.

Advertisement

Notably, ClickHouse is an open-source, columnar database management system developed by Yandex. It is used for fast analytical queries and is often used by ethical hackers to scan the dark web for exposed data.

A log stream table in the dataset is claimed to contain more than one million log entries including timestamps with logs from January 6, references to multiple internal DeepSeek application programming interface (API) endpoints, as well as chat history, API Keys, backend details, and operational metadata in plain-text.

Advertisement

The researchers claimed that with this level of information, a bad actor could potentially exfiltrate passwords, local files, and proprietary information directly from the server. At the time of writing this, there was no update on whether this data exposure can be contained and whether the dataset can be taken offline.

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: DeepSeek, AI, Artificial Intelligence, Cybersecurity
Vivo, Xiaomi Top India’s Smartphone Market in 2024; Samsung Slips to Third: Counterpoint
Apple Said to Be in Final Stages of Selecting a Key Supplier for Foldable Display
Advertisement

Related Stories

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Oppo K13 Turbo Series Launched in India With Built-In Fan, 7,000mAh Battery
  2. Lava Blaze AMOLED 2 5G Launched in India With This Price Tag
  3. HTC Wildfire E4 Plus With 50-Megapixel Camera Launched: See Price
  4. Flipkart Independence Day Sale 2025 Will Start on This Date
  5. You Can Now Use Grok 4 AI Model for Free, No Need for Subscription
  6. Tecno Spark Go 5G India Launch Date Revealed: Check Features, Availability
  7. Honor X7c 5G With 50-Megapixel Camera Teased to Launch in India Soon
  8. Oppo K13x 5G Review
  9. Realme P4 Series To Launch in India On This Date; Price Range Revealed
#Latest Stories
  1. iPhone 17 Series Screen Protector Leak Hints at Display Sizes; iPhone 17 Air Could Surpass Pro Model in Size
  2. Gemini Live Integration With Google Calendar, Maps and Tasks App Finally Rolling Out
  3. Honor X7c 5G India Launch Teased; Confirmed to Debut With 50-Megapixel Camera
  4. Flipkart Independence Day Sale 2025 Date: Know More about Product Discounts and Bank Offers
  5. Tesla Opens First Experience Centre in New Delhi’s Aerocity; Four V4 Superchargers Established On-Site
  6. OpenAI Increases GPT-5 Thinking Usage Limit After Backlash from Users, But There's a Catch
  7. Apple's MacBook Pro With M6 Chip, OLED Display Could Launch by Early 2027: Mark Gurman
  8. Vivo Vision Mixed Reality Headset Launch Confirmed by Official; to Arrive as Apple Vision Pro Competitor
  9. Oppo Enco Buds 3 Pro Launched in India With Up to 54 Hours of Total Battery Life: Price, Specifications
  10. Microsoft Quietly Launches Copilot 3D as Experimental Feature, Turns 2D Images into 3D Models
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.