Data Leak Exposes Over 1 Million Log Streams at DeepSeek
Summary
Hide β²
Show βΌ
In January 2025, Wiz Research discovered a data leak at DeepSeek, a Chinese AI specialist, exposing over 1 million sensitive log streams. The leak was due to a publicly accessible ClickHouse database, which allowed full control over database operations and access to internal data, including chat history and secret keys. Wiz Research promptly reported the issue, and DeepSeek secured the exposure. The incident highlights the risks of data leakage and the importance of securing cloud databases. The leak underscores the potential for both intentional and unintentional data exposure, emphasizing the need for robust security measures to protect sensitive information.
Timeline
-
03.09.2025 14:45 π° 1 articles Β· β± 13d ago
DeepSeek Data Leak Exposed Over 1 Million Log Streams in January 2025
In January 2025, Wiz Research discovered a data leak at DeepSeek, exposing over 1 million sensitive log streams due to a publicly accessible ClickHouse database. The leak included chat history and secret keys. Wiz Research promptly reported the issue, and DeepSeek secured the exposure. The incident underscores the risks of data leakage and the importance of securing cloud databases.
Show sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45
Information Snippets
-
DeepSeek suffered a data leak in January 2025, exposing over 1 million log streams.
First reported: 03.09.2025 14:45π° 1 source, 1 articleShow sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45
-
The leak was due to a publicly accessible ClickHouse database.
First reported: 03.09.2025 14:45π° 1 source, 1 articleShow sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45
-
The exposed data included chat history and secret keys.
First reported: 03.09.2025 14:45π° 1 source, 1 articleShow sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45
-
Wiz Research identified and reported the leak, leading to its prompt resolution.
First reported: 03.09.2025 14:45π° 1 source, 1 articleShow sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45
-
The incident highlights the risks of data leakage and the importance of securing cloud databases.
First reported: 03.09.2025 14:45π° 1 source, 1 articleShow sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45
-
Data leakage can be intentional or unintentional, involving various vectors such as misconfigured cloud storage, endpoint vulnerabilities, emails, messaging, and shadow IT.
First reported: 03.09.2025 14:45π° 1 source, 1 articleShow sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45
-
Consequences of data leakage include regulatory fines, loss of intellectual property, financial crimes, and reputational damage.
First reported: 03.09.2025 14:45π° 1 source, 1 articleShow sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45
-
Organizations can mitigate data leakage risks through least-privilege access, data loss prevention, data classification, audits, and employee training.
First reported: 03.09.2025 14:45π° 1 source, 1 articleShow sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45
-
Outpost24's CompassDRP offers features to detect leaked documents, confidential data, and source code, helping organizations manage data leakage risks.
First reported: 03.09.2025 14:45π° 1 source, 1 articleShow sources
- Detecting Data Leaks Before Disaster β thehackernews.com β 03.09.2025 14:45