31 January 2025

National Security Risks Emerge From DeepSeek AI Data Breach

Officials warn of privacy violations and corporate espionage risks due to sensitive data exposure.

National security concerns are mounting over DeepSeek AI, the Chinese artificial intelligence company whose recent data breach has sent ripples through the technology community and prompted urgent warnings from U.S. officials.

A security issue at DeepSeek exposed over a million lines of sensitive internal data, including user chat histories, API secrets, and backend operational details, according to research published by cloud security firm Wiz earlier this month. The exposure stemmed from a publicly accessible ClickHouse database linked to DeepSeek's systems, which required no authentication, allowing unrestricted access to internal logs dating back to January 6. DeepSeek quickly secured the database within hours of being notified by researchers.

Wiz researchers discovered the vulnerability during routine reconnaissance of DeepSeek's internet-facing assets. Two non-standard ports (8123 and 9000) led to the exposed ClickHouse database, a system optimized for performing fast analytical queries on large datasets. From there, the researchers ran arbitrary SQL queries, accessing everything from plaintext chat histories between users and DeepSeek's AI systems to API keys and cryptographic secrets.

Wiz's findings suggest attackers could execute similar commands to extract files directly from DeepSeek’s servers, potentially leading to corporate espionage or worse.
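The misconfiguration described above, as an added example (not from the article or from Wiz's research): a Python audit of a ClickHouse server's own configuration files that flags the combination reported, ports 8123/9000 bound to every interface plus a user with no password. The XML samples are constructed, and the element names are assumed to follow ClickHouse's standard `config.xml`/`users.xml` layout.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample files (not DeepSeek's): a server bound to every interface
# whose "default" user has an empty password and no network restriction.
SERVER_XML = """<clickhouse>
  <listen_host>::</listen_host>
  <http_port>8123</http_port>
  <tcp_port>9000</tcp_port>
</clickhouse>"""
USERS_XML = """<clickhouse><users>
  <default><password></password><networks><ip>::/0</ip></networks></default>
  <app><password_sha256_hex>CONSTRUCTED_PLACEHOLDER</password_sha256_hex>
       <networks><ip>10.0.0.0/8</ip></networks></app>
</users></clickhouse>"""

WILDCARD_HOSTS = {"::", "0.0.0.0"}
# Settings that give a user a credential other than a plaintext <password>.
AUTH_TAGS = ("password_sha256_hex", "password_double_sha1_hex",
             "ldap", "kerberos", "ssl_certificates")

def exposed_listeners(server_xml):
    """Return (host, port) pairs for the HTTP/native ports on wildcard binds."""
    root = ET.fromstring(server_xml)
    hosts = [(h.text or "").strip() for h in root.iter("listen_host")]
    ports = [int(root.findtext(t)) for t in ("http_port", "tcp_port")
             if root.findtext(t)]
    return [(h, p) for h in hosts if h in WILDCARD_HOSTS for p in ports]

def open_users(users_xml):
    """Return users that have no credential and accept any source address."""
    found = []
    for user in ET.fromstring(users_xml).find("users"):
        has_auth = bool((user.findtext("password") or "").strip()) or any(
            user.find(t) is not None for t in AUTH_TAGS)
        nets = [ipaddress.ip_network(n.text.strip(), strict=False)
                for n in user.iter("ip") if n.text]
        if not has_auth and any(n.prefixlen == 0 for n in nets):
            found.append(user.tag)
    return found

def audit(server_xml, users_xml):
    """Flag only the combination reported: reachable and unauthenticated."""
    return [f"user '{u}' needs no password on [{h}]:{p}"
            for u in open_users(users_xml)
            for h, p in exposed_listeners(server_xml)]

if __name__ == "__main__":
    for finding in audit(SERVER_XML, USERS_XML):
        print(finding)
```

Binding to a loopback or private address, or giving every user a credential, empties the findings list.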

The national security ramifications of DeepSeek's rise are already being felt. Top legislators, including U.S. Senators, have begun voicing concerns over the startup's emergence and its potential threats to privacy and safety. According to one senator, "The way... is a real threat to people’s privacy and safety." Calls have intensified to curb Beijing's growing tech influence, with significant ramifications for U.S. companies.

Alongside the political warnings, cybersecurity experts have described DeepSeek's AI as more vulnerable than its American counterparts, such as OpenAI's ChatGPT. Earlier assessments indicated DeepSeek's systems may be susceptible to being 'jailbroken', allowing users to generate malicious outputs and raising alarms over the potential misuse of the technology.

These worries culminated on January 28, when the U.S. Navy advised its members to avoid using DeepSeek "in any capacity" due to potential security and ethical concerns. DeepSeek's rapid ascent has also severely impacted the stocks of established companies such as Nvidia and Oracle, bringing even more attention to the threat posed by the company.

Concerns surrounding DeepSeek are not merely anecdotal but stem from significant policies tied to data handling. According to sources, all user data worldwide is stored on servers located in China, where data laws diverge tremendously from those of the West. For example, companies whose servers are hosted in China may be compelled to cooperate with Chinese intelligence efforts, including requests for user data. The risks inherent here have prompted expert recommendations against inputting sensitive personal data, financial details, or personal health information.

Lukasz Olejnik, an independent consultant and researcher at King’s College London Institute for AI, encourages users to be vigilant. "Be careful about inputting sensitive personal data, financial details, trade secrets, or information about healthcare. Anything you type could be stored, analyzed, or requested by authorities under China’s data laws," he stated.

Such surveillance capabilities are not unique to DeepSeek. Other services, including popular platforms such as Facebook and TikTok, routinely track user activity. Yet, the potential for Chinese authorities to access such data should elicit additional caution among users, particularly those who may be subjects of interest, like human rights activists and journalists. Ron Deibert, director of the University of Toronto’s Citizen Lab, warned, "Users who are high-risk... should be particularly sensitive to these risks and avoid inputting anything..."

To mitigate tracking concerns, experts have suggested using new email accounts with false information when registering for the service. Another viable option is to download and run DeepSeek’s open-source AI models locally, removing the risk of sensitive data being saved or accessed on Chinese servers.

Wiz researchers urged the industry as a whole to push for stronger security frameworks across the booming AI sector. They noted, "The world has never seen... many AI companies have rapidly grown without the security practices typically accompanying such widespread adoptions."

The events surrounding DeepSeek serve as both a wake-up call for users and policymakers about the precarious balance between innovation and security. While the allure of cutting-edge AI capabilities remains strong, the risks associated with data privacy are perhaps stronger still, presenting significant challenges for governments and consumers alike.