“It’s quite alarming to develop an AI model and leave the backdoor significantly unsecured from a security standpoint,” comments freelance security expert Jeremiah Fowler, who was not part of the Wiz research but focuses on identifying exposed databases. “The exposure of this kind of operational data, accessible to anyone with internet access, poses a serious threat to both the organization and its users.”
According to the researchers, DeepSeek’s systems appear to closely resemble those of OpenAI, likely to facilitate a smoother transition for new clients moving to DeepSeek’s platform. They indicate that the entire DeepSeek infrastructure is designed to mirror OpenAI’s setup, including specific aspects such as the format of the API keys.
The Wiz researchers are uncertain whether others discovered the exposed database ahead of them, but it wouldn’t be surprising given how easy it was to locate. Fowler, the independent expert, also emphasizes that the vulnerable database would have been found rapidly—if it hadn’t been already—by either other researchers or malicious actors.
“This should serve as a wake-up call for the influx of AI products and services expected in the near future about the seriousness of cybersecurity,” he states.
DeepSeek has made headlines globally over the past week, attracting millions of users and propelling the service to the top of app stores for both Apple and Google. This surge has resulted in billions being wiped off the stock values of U.S.-based AI firms and has caused concern among executives nationwide. On Wednesday, sources from OpenAI informed the Financial Times that they are investigating DeepSeek’s purported use of ChatGPT outputs to train its models.
Concurrently, DeepSeek has drawn increasing scrutiny from lawmakers and regulators around the world, who are raising questions about the company’s privacy practices, the implications of its content moderation, and whether its Chinese ownership poses national security risks.
Italy’s data protection authority has sent DeepSeek a series of questions about the origin of its training data, whether personal information of individuals was included, and the firm’s legal basis for using such data. As reported by WIRED Italy, the DeepSeek app seemed to be unavailable for download in Italy following these inquiries.
DeepSeek’s connections to China are also raising security concerns. At the end of last week, as reported by CNBC, the U.S. Navy issued a warning to its personnel instructing them not to use DeepSeek’s services “in any capacity.” The notification advised Navy staff against downloading, installing, or using the model, citing concerns of “potential security and ethical” implications.
Nonetheless, amid the excitement, the exposed data illustrates that nearly all technologies relying on cloud-hosted databases can fall prey to basic security oversights. “AI represents a new frontier in all aspects of technology and cybersecurity,” remarks Wiz’s Ohfeld, “and yet we still encounter the same old vulnerabilities like databases left accessible on the internet.”