Wiz Research identified a significant vulnerability in a ClickHouse database owned by DeepSeek, a Chinese AI startup. The database was publicly exposed and accessible without any authentication, granting full control over database operations. The breach revealed sensitive data such as chat history, secret API keys, backend details, and over a million lines of logs, all of which posed serious risks to both DeepSeek’s infrastructure and the privacy of its users.
The exposed ClickHouse database contained a variety of sensitive information, including timestamps, API secrets, customer chat logs, and internal service metadata.
The logs, dating back to January 6, 2025, were particularly concerning, with plaintext API keys and backend operational data being readily accessible. This exposed data could have potentially compromised DeepSeek’s proprietary systems and client interactions if not promptly addressed.
Upon discovering the exposure, Wiz Research reported the issue to DeepSeek, prompting the company to take swift action to secure the database. DeepSeek’s response involved closing the exposed endpoints and securing the internal systems, mitigating the immediate threat. However, this breach served as a stark reminder of the vulnerabilities inherent in powerful tools like ClickHouse, which, when misconfigured, can lead to significant security risks.
This incident highlights the critical importance of implementing robust security mechanisms for AI startups and similar organizations that rely on complex data systems. Strong authentication, role-based access control, and regular security audits are essential to safeguarding against such breaches. As AI models like DeepSeek-R1 continue to rise in prominence, securing sensitive data becomes increasingly crucial to maintaining trust and protecting user privacy in the digital landscape.
Reference: