Researchers with cybersecurity company Wiz said on Jan. 29 that sensitive information from the Chinese artificial intelligence (AI) app DeepSeek was inadvertently exposed to the open internet.
The popular app has also raised national security concerns in Washington.
Within minutes, researchers with the New York City-based cybersecurity company found a publicly accessible database linked to the chatbot that was “completely open and unauthenticated” and “exposing sensitive data,” Wiz stated.
The database contained more than a million lines of data that were left unsecured, according to Wiz.
This included sensitive information, along with digital software keys, as well as chat logs that appeared to capture prompts being sent from users to the company’s free AI assistant, according to the cybersecurity company.
“More critically, the exposure allowed for full database control and potential privilege escalation within the DeepSeek environment, without any authentication or defense mechanism to the outside world,” the blog post stated.
Wiz said the level of access posed a critical risk to DeepSeek’s security as well as to its end-users, including allowing bad actors to retrieve sensitive information and plain-text chat messages.
Additionally, the vulnerabilities could allow bad actors to exfiltrate plaintext passwords, Wiz said.
The Wiz Research team “immediately and responsibly disclosed the issue to DeepSeek, which promptly secured the exposure,” according to the blog post.
Wiz noted that the widespread and fast adoption of AI by companies poses ongoing risks, particularly for those that have “rapidly grown into critical infrastructure providers without the security frameworks that typically accompany such widespread adoptions.”
The Epoch Times contacted a DeepSeek spokesperson for comment but did not receive a response by publication time.
White House Evaluating DeepSeek National Security Implications
The White House is evaluating the potential national security implications of DeepSeek, White House press secretary Karoline Leavitt told reporters on Jan. 28. She said that President Donald Trump “believes in restoring American AI dominance.”Leavitt’s remarks echoed those made by Trump during a speech to Republican colleagues in Florida on Jan. 27.
Trump said he hoped the app would prompt U.S. companies to come up with a cheaper, faster method of AI.
“We always have the ideas. We’re always first. So I would say that’s a positive that could be very much a positive development,” Trump said. “So instead of spending billions and billions, you‘ll spend less, and you’ll come up with, hopefully, the same solution.”
OpenAI, Softbank, and Oracle will invest in the infrastructure through their joint venture, Stargate.
Trump described it as the “largest AI infrastructure project by far in history.”
