DeepSeek is in some deep trouble after cloud services provider Wiz Research did some digging, finding a publicly available database of the Chinese AI company's secret keys, messages, and more.

The database includes details like chat history, API secrets, and more, with Wiz researchers saying that the discovered database can be fully controlled. This means that they could execute code without any oversight, manipulating the data to serve their needs. Wiz reached out to DeepSeek to alert them, with the company quickly taking it down after restricting public access.
The team at Wiz Research set out to assess DeepSeek's external security posture, and find any potential vulnerabilities, with the team explaining: "Within minutes, we found a publicly accessible ClickHouse database linked to DeepSeek, completely open and unauthenticated, exposing sensitive data. It was hosted at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000".
- Read more: Analysts: DeepSeek is the 'Temu of AI' as it wreaks havoc on the AI industry
- Read more: President Trump plans tariffs on foreign chips, says DeepSeek success 'a positive'
- Read more: NVIDIA statement on DeepSeek: says its AI app is an 'excellent AI advancement'
- Read more: DeepSeek Janus-Pro 7B model for task-specific AI models, rivals DALL-E 3
- Read more: NVIDIA shares bleed $384B in a few hours after DeepSeek shocks AI world
- Read more: DeepSeek's new AI app: top free app on the Apple App Store, ahead of ChatGPT
- Read more: Chinese AI firm DeepSeek has 50,000 NVIDIA H100 AI GPUs says CEO, even with US restrictions
"This database contained a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details. More critically, the exposure allowed for full database control and potential privilege escalation within the DeepSeek environment, without any authentication or defense mechanism to the outside world".
You can read Wiz Research's full report here.