One million sensitive records exposed in mass DeepSeek data leak
More vulnerabilities have been found in the Chinese AI tool
DeepSeek's troubles continue to persist as the discredited AI app suffered a mass data leak, exposing the sensitive records of over one million users.
Researchers accessed a publicly accessible database belonging to DeepSeek which allowed full control over database operations – including the ability to access internal data.
The best VPNs are often seen as an effective protector against privacy and security risks, but they will struggle to mitigate the dangers of DeepSeek.
This is not the first cybersecurity attack DeepSeek has suffered, falling victim to a large-scale attack just a week after it launched. Experts have expressed serious concerns over DeepSeek's privacy and security practices, and many have asked if DeepSeek is safe to use.
DeepSeek has now been banned by numerous countries and organizations, and the latest data leak simply reinforces the dangers the app poses.
One million users affected
Following DeepSeek's rapid rise in popularity, cloud security company Wiz investigated the app's security credentials and looked to identify any potential vulnerabilities.
Two exposed databases were uncovered, containing over one million lines of log streams with chat history, API keys, backend details, and other highly sensitive information.
More critically, the exposure allowed for full database control and potential privilege escalation within the DeepSeek environment.
The issues centred around a public ClickHouse database that was accessible without any authentication. Wiz reported that the database's HTTP interface accepted commands, allowing direct execution of SQL queries.
A simple "SHOW TABLES" query revealed a list of accessible data sets, with the "log_stream" table containing the highly sensitive log entries data.
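As an added illustration of the condition described above (not Wiz's findings or DeepSeek's actual configuration), here is a ClickHouse users.xml with the built-in "default" user left open next to a hardened equivalent; the file layout follows ClickHouse's users.xml and config.xml format, and the hash and subnet values are placeholders.

```xml
<!-- Added example, not DeepSeek's or Wiz's configuration. Layout follows
     ClickHouse's users.xml / config.xml; hash and subnet are placeholders. -->

<!-- WEAK: users.xml with the built-in "default" user left open.
     Empty password + all networks allowed: anyone who can reach the HTTP
     port (8123 by default) can run SQL such as SHOW TABLES. -->
<clickhouse>
  <users>
    <default>
      <password></password>
      <networks>
        <ip>::/0</ip>
      </networks>
      <profile>default</profile>
      <quota>default</quota>
    </default>
  </users>
</clickhouse>

<!-- HARDENED: users.xml -->
<clickhouse>
  <users>
    <default>
      <!-- sha256 of a strong secret, e.g. echo -n 'SECRET' | sha256sum -->
      <password_sha256_hex>PLACEHOLDER_SHA256_HEX</password_sha256_hex>
      <networks>
        <!-- placeholder: only the application subnet, never ::/0 -->
        <ip>10.0.0.0/8</ip>
      </networks>
      <profile>readonly</profile>
      <quota>default</quota>
    </default>
  </users>
  <profiles>
    <readonly>
      <!-- 1 = SELECT only; no DDL, no INSERT, no settings changes -->
      <readonly>1</readonly>
    </readonly>
  </profiles>
</clickhouse>

<!-- HARDENED: config.xml, so the server never binds a public interface.
     10.0.0.5 is a placeholder internal address. -->
<clickhouse>
  <listen_host>127.0.0.1</listen_host>
  <listen_host>10.0.0.5</listen_host>
</clickhouse>
```

Even with these settings, an unauthenticated log table reachable over HTTP is the kind of exposure that external attack-surface scanning of your own address ranges should catch before a researcher does.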
Anyone with an internet connection could have accessed the data and this raises significant red flags regarding DeepSeek's data management methods and privacy law compliance.
There are concerns over who could have gained access to this data and its potential exploitation by cybercriminals. There are also concerns about whether DeepSeek's AI training models could be exposed and subsequently manipulated by malicious actors.
DeepSeek's privacy policy states it stores data on servers in China, but doesn't say whether this is encrypted or how it is protected. It only says that it maintains "commercially reasonable technical, administrative, and physical security measures that are designed to protect your information from unauthorized access, theft, disclosure, modification, or loss."
Following its discovery, Wiz disclosed the issue to DeepSeek, which moved quickly to secure the exposure.
What DeepSeek users should look out for
If you're a DeepSeek user and are worried about a possible data leak, then you should remain vigilant and look out for any suspicious activity on your accounts. Phishing attempts and exposure to malware are possible, so extra care should be taken when opening any unfamiliar messages.
You should change your passwords and create strong, secure ones; we'd recommend using one of the best password managers for this. Also consider setting up two-factor authentication (2FA) for additional security.
Some VPNs come with additional features designed to protect against data leaks. ExpressVPN has Identity Defender and NordVPN has NordProtect. Both offer cyber insurance of up to $1 million and assistance in recovering any funds lost to a data breach.
They also offer forms of ID alerts which monitor the web for your leaked data and alert you if it is found.
Identity Defender includes a data removal service, which will automatically contact any data brokers found to have records of your data and request its deletion. Incogni is one of the best data removal services and is included as part of Surfshark's One+ plan.
Disclaimer
We test and review VPN services in the context of legal recreational uses. For example: 1. Accessing a service from another country (subject to the terms and conditions of that service). 2. Protecting your online security and strengthening your online privacy when abroad. We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.
George is a Staff Writer at Tom's Guide, covering VPN, privacy, and cybersecurity news. He is especially interested in digital rights, censorship, data, and the interplay between cybersecurity and politics. Outside of work, George is passionate about music, Star Wars, and Karate.