DeepSeek

DeepSeek

DeepSeek's database was left exposed on the internet, leaking over 1 million records, including system logs, user submissions, and API tokens. Due to the database's nature as an analytics type, the breach of user interaction data and authentication keys poses a significant risk to user privacy. The issue was resolved within 30 minutes after Wiz researchers attempted to notify the company, by which time the database was secured.

Source: https://www.wired.com/story/exposed-deepseek-database-revealed-chat-prompts-and-internal-data/

TPRM report: https://scoringcyber.rankiteo.com/company/deepseek-ai

"id": "dee000013125",
"linkid": "deepseek-ai",
"type": "Breach",
"date": "1/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'DeepSeek',
                        'type': 'Company'}],
 'attack_vector': 'Exposed Database',
 'data_breach': {'number_of_records_exposed': 'Over 1 million',
                 'sensitivity_of_data': 'User interaction data and '
                                        'authentication keys',
                 'type_of_data_compromised': ['System logs',
                                              'User submissions',
                                              'API tokens']},
 'description': "DeepSeek's database was left exposed on the internet, leaking "
                'over 1 million records, including system logs, user '
                'submissions, and API tokens. The issue was resolved within 30 '
                'minutes after Wiz researchers attempted to notify the '
                'company, by which time the database was secured.',
 'impact': {'data_compromised': ['System logs',
                                 'User submissions',
                                 'API tokens'],
            'systems_affected': 'Database'},
 'post_incident_analysis': {'root_causes': 'Misconfiguration'},
 'response': {'containment_measures': 'Secured the database',
              'third_party_assistance': 'Wiz researchers'},
 'title': 'DeepSeek Database Exposure',
 'type': 'Data Leak',
 'vulnerability_exploited': 'Misconfiguration'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.