Upstart AI chatbot DeepSeek’s meteoric rise has been a double-edged sword. New York-based security firm Wiz Research discovered one of the China-based company’s databases exposed on the internet, containing heaps of private and sensitive data—but your data is likely just fine.

DeepSeek Leaves an Unsecured Database Online For Anyone to Find

On Wednesday, 10 June 2025,Wiz Research revealedit had stumbled upon a publicly accessible database belonging to DeepSeek, theChinese-developed AI chatbot taking the world by storm.

Analysis of the database revealed a trove of DeepSeek’s internal data, including user chat history and backend data, as well as sensitive data such as “log streams, API Secrets, and operational details.” In addition, on accessing the DeepSeek database, the Wiz Research team gained full database control and was able to manipulate data, in turn allowing for a potential privilege escalation with DeepSeek itself.

deepseek r1 ai chatbot answering question

The rapid adoption of AI services without corresponding security is inherently risky. This exposure underscores the fact that the immediate security risks for AI applications stem from the infrastructure and tools supporting them. While much of the attention around AI security is focused on futuristic threats, the real dangers often come from basic risks—like accidental external exposure of databases.

As per Reuters, DeepSeek fixed the exposed database rapidly.

DeepSeek’s Security and Privacy Issues Are a Risk For Its Users

The level of access to private DeepSeek data is a critical risk for its users. Despite DeepSeek’s stratospheric rise, there are numerous questions posed around its privacy and censorship issues and how these affect its AI output. Still, some peoplecontinue to use DeepSeek despite the privacy risks, and it’s not like ChatGPT, Claude, Gemini, and the other AI chatbots are privacy-protecting saints.

It also highlights the issues facing DeepSeek. After surging into the world’s gaze, the AI chatbot has been hit with several setbacks, including a wide-scale cyber-attack and temporarily suspending new accounts. In addition, security researchers atKela Cyberfound they could force DeepSeek to create dangerous malware and phishing campaigns while also exposing serious security flaws in its operations.

So, while DeepSeek is a fantasticopen-source AI model, it’s a mixed bag for security, privacy, and its guardrails.