Exposed DeepSeek Database Reveals Over a Million User Conversations

DeepSeek, the Chinese AI startup, has inadvertently left two databases wide open, leaking sensitive user and operational data. These unsecured databases were discovered to contain more than a million records of user chats in unencrypted text, along with API keys and intricate details about backend operations.

Security analysts from Wiz Research uncovered this exposure while conducting a security assessment on DeepSeek’s external infrastructure. Find out more about the exposed DeepSeek database below.

Exploring DeepSeek’s Security Lapse

The security research found two openly accessible database instances located at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000. Shockingly, these platforms permitted anyone to run SQL queries directly through a web interface without any form of authentication.

The exposed data resided in a ‘log_stream’ table, preserving internal logs that date back to January 6, 2025. These records contained detailed data including user queries to DeepSeek’s chatbot, keys for backend system API authentication, information on internal infrastructure and services, and a variety of operational metadata.

Wiz’s team outlined the severity of the situation, stating, “This level of access posed a critical risk to DeepSeek’s own security and for its end-users.” 

They further explained, “Not only an attacker could retrieve sensitive logs and actual plaintext chat messages, but they could also potentially exfiltrate plaintext passwords and local files along proprietary information directly from the server using queries like: SELECT * FROM file(‘filename’) depending on their ClickHouse configuration.”

The team at Wiz limited their investigation to enumeration in order to maintain ethical research boundaries. It is still unclear whether other malicious entities had previously accessed or exploited the exposed databases.

• Related Read: DeepSeek Temporarily Suspends New User Registrations Amid Major Cyberattack 

Regardless, Wiz notified DeepSeek about the issue, and the company quickly secured the databases to ensure they were no longer publicly accessible.

Security and Privacy Consequences for DeepSeek Users

DeepSeek already faces the challenge of complying with the Chinese government’s stringent data access demands. However, it seems they haven’t developed a robust security framework, which puts critical data at risk. 

The leakage of user prompts is a serious privacy issue, especially for companies relying on DeepSeek’s AI for sensitive operations. Furthermore, the revealed backend details and API keys could potentially allow attackers to infiltrate DeepSeek’s systems, escalate their access privileges, and initiate more extensive security breaches. 

Just earlier this week, the platform was hit by relentless cyberattacks, which it struggled to fend off, leading to a suspension of new user registrations for almost a day.