Wiz, the cybersecurity research company, reported on their investigation of DeepSeek and discovered that the company has exposed a significant amount of internal services to the internet, including their ClickHouse database, resulting in a massive data leak.
The server that is left open is located at dev.deepseek.com:9000 and serves as a database for storing service logs, which include information on API Endpoints within DeepSeek, conversation histories, and other chat-related data.
Wiz warns that the rapid development of various AI services may lead these companies to expand their services without adequate cybersecurity frameworks in place. Users should exercise caution when utilizing these services.
TLDR: Wiz’s research found significant security vulnerabilities in DeepSeek’s exposed internal services, highlighting the importance of cybersecurity measures in an era of rapid AI development.
Leave a Comment