Deep trouble: Infosec firm finds a DeepSeek database 'completely open and unauthenticated' exposing chat history, API keys, and operational details

Image manipulated symbolic alegory pointing into the mystery of being.
(Image credit: Maciej Toporowicz, NYC via Getty Images)

DeepSeek has been the name on everyone's lips this week, as the release of its R1 AI model spooked the tech market and caused significant financial losses for several major players. Concerns have been raised regarding the security of the Chinese AI startup and its models—and if reports regarding an open database are to be believed, those claims may have some merit.

New York-based cloud security provider Wiz has issued an advisory claiming its research wing identified a publicly accessible ClickHouse database, belonging to DeepSeek, left "completely open and unauthenticated" (via The Register).

The database was said to have been discovered within minutes of the Wiz research team's investigation into DeepSeek's cybersecurity resilience and it contained "a significant volume of chat history, backend data, and sensitive information."

Worse still, the database was so completely unprotected that it was possible to gain full database control and privilege escalation from inside the environment, with no authentication or defence mechanism present.

A potential attacker could have easily obtained plaintext passwords, local files, and proprietary data with a simple SQL command. Wiz duly informed DeepSeek of the open database, which it says was promptly secured.

As word of DeepSeek's efforts has spread throughout the tech industry, so have potential data security concerns from multiple sources. Data regulators from the UK, Italy, Ireland and Australia have all begun enquiries into the practices of the company, while OpenAI has complained that DeepSeek has been copying its models.

The US Navy has issued a warning to its members to avoid using DeepSeek "in any capacity", while the US National Security Council says it's looking into the security implications of the DeepSeek app.

AI security provider HiddenLayer claims that DeepSeek-R1 is "vulnerable to jailbreak techniques, prompt injections, glitch tokens, and exploitation of its control tokens, making it less secure than other modern LLMs."

Given the disruptive nature of DeepSeek's entry into the market, it's difficult to ascertain how many of these claims are legitimate, and how many may be reactionary attempts looking to restore some of the AI status quo.

Regardless, leaving a database wide open to be manipulated by any who may come prying is not a great look. It seems like no matter what happens next, DeepSeek will be at the top of everyone's AI concerns for a while to come.

Best gaming PCBest gaming laptop


Best gaming PC: The top pre-built machines.
Best gaming laptop: Great devices for mobile gaming.

Andy Edser
Hardware Writer

Andy built his first gaming PC at the tender age of 12, when IDE cables were a thing and high resolution wasn't—and he hasn't stopped since. Now working as a hardware writer for PC Gamer, Andy's been jumping around the world attending product launches and trade shows, all the while reviewing every bit of PC hardware he can get his hands on. You name it, if it's interesting hardware he'll write words about it, with opinions and everything.

Read more
SUQIAN, CHINA - JANUARY 27, 2025 - An illustration photo shows the logo of DeepSeek and ChatGPT in Suqian, Jiangsu province, China, January 27, 2025. (Photo credit should read CFOTO/Future Publishing via Getty Images)
'AI's Sputnik moment': China-based DeepSeek's open-source models may be a real threat to the dominance of OpenAI, Meta, and Nvidia
SUQIAN, CHINA - JANUARY 27, 2025 - An illustration photo shows the logo of DeepSeek and ChatGPT in Suqian, Jiangsu province, China, January 27, 2025. (Photo credit should read CFOTO/Future Publishing via Getty Images)
The brass balls on these guys: OpenAI complains that DeepSeek has been using its data, you know, the copyrighted data it's been scraping from everywhere
SUQIAN, CHINA - JANUARY 27, 2025 - An illustration photo shows the logo of DeepSeek and ChatGPT in Suqian, Jiangsu province, China, January 27, 2025. (Photo credit should read CFOTO/Future Publishing via Getty Images)
China's DeepSeek chatbot reportedly gets much more done with fewer GPUs but Nvidia still thinks it's 'excellent' news
Alibaba
Forget DeepSeek R1, apparently it's now Alibaba that has the most powerful, the cheapest, the most everything-est chatbot
The NVIDIA stand at the Apsara Conference in Hangzhou, Zhejiang province, China, September 19, 2024. (Photo credit should read CFOTO/Future Publishing via Getty Images)
Nvidia share price plummets as it loses more than $600B in valuation, the biggest single-day loss in history
An artistic 3D render of the inside of a data centre, with many network wires criss-crossing across the server racks. The entire image is bathed in blue light.
AI Atlantis revealed off the coast of China, reportedly boasting computational power equivalent to 30,000 high-end gaming PCs
Latest in AI
Public Eye trailer still - dead-eyed police officer sitting for an interview
I'm creeped out by this trailer for a generative AI game about people using an AI-powered app to solve violent crimes in the year 2028 that somehow isn't a cautionary tale
Closeup of the new Copilot key coming to Windows 11 PC keyboards
Microsoft co-authored paper suggests the regular use of gen-AI can leave users with a 'diminished skill for independent problem-solving' and at least one AI model seems to agree
Still image of Bastion holding a bird, taken from Microsoft's Copilot for Gaming reveal trailer
Microsoft unveils Copilot for Gaming, an AI-powered 'ultimate gaming sidekick' that will let you talk to your console so you don't have to talk to your friends
BURBANK, CALIFORNIA - AUGUST 15: Protestors attend the SAG-AFTRA Video Game Strike Picket on August 15, 2024 in Burbank, California. (Photo by Lila Seeley/Getty Images)
8 months into their strike, videogame voice actors say the industry's latest proposal is 'filled with alarming loopholes that will leave our members vulnerable to AI abuse'
live action Jimbo the Jester from Balatro holding a playing card and addressing the camera
LocalThunk forbids AI-generated art on the Balatro subreddit: 'I think it does real harm to artists of all kinds'
Aloy
'Creepy,' 'ghastly,' 'rancid': Viewers react to leaked video of Sony's AI-powered Aloy
Latest in News
helldivers 2 democratic detonation
Johan Pilestedt warns that Helldivers 2 took 4 more years than planned because Arrowhead skipped pre-production and dove right in: 'Always do your homework before you start spending millions and millions and millions of dollars in making a game'
helldivers 2 arrowhead CCO johan pilestedt
Helldivers 2's Johan Pilestedt says developers need to start taking more risks: 'Safe bets are a death sentence for the studios that try to make them'
Split Fiction trailer still - Zoe and Mio staring into a large pipe
A pair of Split Fiction players will be heading to Sweden for an early look at Hazelight's next game after completing a secret challenge so tough, some developers can 'barely' beat it
Helldivers 2
Arrowhead’s CEO got a call from PlayStation when he said players could save their money and wait to buy Helldivers 2 until the servers were fixed: They ‘asked me what the f*** I’m smoking’
A man examines the implant in his beefy arm
New Ark DLC gets AI-generated trailer so awful that the original developer's washing its hands of the whole thing, and fans are in uproar: 'This is disgusting and you should be ashamed'
A screenshot of Helldivers 2, depicting a Helldiver saluting while wearing an anthropomorphic facemask
The United Nations asked Helldivers 2 studio Arrowhead if it'd give a talk on psychological manipulation: ‘Could we brainwash an entire community to fight for a fascist state? … Would we be okay with that? Turns out, yeah’