New York-based cloud cybersecurity firm Wiz Inc. said Wednesday it discovered a sensitive database belonging to popular Chinese artificial intelligence startup DeepSeek the company did not properly secure and thus exposed it to the public internet.

DeepSeek has gained popular media fame in recent weeks after releasing several groundbreaking AI models, including DeepSeek-R1. According to the company, R1 rivals some of the most powerful AI models built by developers in the United States, including OpenAI’s GPT-o1, and can be trained for a fraction of the cost.

Wiz said that after DeepSeek gained this attention, it set its sights on the company’s security and “within minutes,” found a publicly accessible database “completely open and unauthenticated exposing sensitive data.” The database contained millions of lines of chat history, queries from users, backend data, application programming interface secrets and other sensitive operational details.

“More critically, the exposure allowed for full database control and potential privilege escalation within the DeepSeek environment, without any authentication or defense mechanism to the outside world,” Gal Nagli, cloud security researcher at Wiz, wrote in a blog post about the discovery.

Nagli added that this was a major risk for the company. The level of access would have allowed attackers almost carte blanche to important information about internal systems and end-users.

“Not only an attacker could retrieve sensitive logs and actual plain-text chat messages, but they could also potentially exfiltrate plaintext passwords and local files along propriety information directly from the server,” he said.

According to Wiz, DeepSeek quickly fixed the problem after the startup was informed about the issue.

This discovery comes at a time when the popularity of DeepSeek’s AI models caused a stir among investors and AI developers due to their claimed capabilities. The release of R1 caused a broad selloff in AI stocks sending Nvidia Corp.’s shares falling 17% on Monday.

The sudden popularity of DeepSeek and its publicly available chatbot also made it a target of attackers who knocked registrations offline temporarily the same day. Although the attack came at the time and could have been taking advantage of the increase in registrations to tip already overburdened systems over the edge, these types of cyberattacks can also be a prelude or cover for attacks probing for cracks in infrastructure defenses.

DeepSeek has also come under fire from privacy advocates and regulators for how the company collects and uses personal data. Its chatbot app has subsequently been removed from Apple Inc.’s App Store in Italy and may likely see the same fate in other countries. Italy’s privacy regulator questioned if the app followed regional regulations.

Fears of data leakage to the Chinese government have also compelled “hundreds” of companies, particularly those associated with governments, to block access to DeepSeek, Bloomberg reported today. Amid those concerns included weak privacy safeguards as the startup stores most of its data in China.

Image: Pixabay