Summary: Chinese AI startup DeepSeek accidentally exposed a database containing highly sensitive data, allowing potential unauthorized access and control to malicious actors. The company, which has experienced rapid growth, has faced scrutiny over its security practices and privacy policies amidst rising concerns about its ties to China. The incident has prompted security warnings about the risks associated with the rapid deployment of AI technologies without adequate safeguards.
Affected: DeepSeek
Keypoints :
- DeepSeek’s ClickHouse database was left exposed, enabling full control over database operations without authentication.
- The breach included over a million lines of sensitive data, such as chat history, secret keys, and API secrets.
- The company faces scrutiny regarding its data handling practices and potential unauthorized use of OpenAI’s API for model training.
Source: https://thehackernews.com/2025/01/deepseek-ai-database-exposed-over-1.html