While the issue is fixed, news is coming out today via podcasts and articles like the one we’ll link to talking about the fact we had two open databases which actors could get at data and do who knows what with it.
While Kim Komando explicitly states that you should use DeepSeek on a device you use nothing else on, I’m now convinced I’ll never use it unless its in a product without my knowledge.
This stupid fucking Chinese bastards are next in the stupid fuck award for leaving shit open knowingly thinking they could get away with the stupid shit.
DeepSeek, the Chinese AI startup known for its DeepSeek-R1 LLM model, has publicly exposed two databases containing sensitive user and operational information.
The unsecured ClickHouse instances reportedly held over a million log entries containing user chat history in plaintext form, API keys, backend details, and operational metadata.
That’s nice! Not only are you holding on to company secrets that could have gotten loose, but your operational database too? What the fucking hell? This must be a first and I hope its the last. Although I said that when it came to open databases and I was proven wrong.
Wiz Research discovered this exposure during a security assessment of DeepSeek’s external infrastructure.
The security firm found two publicly accessible database instances at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000 that allowed arbitrary SQL queries via a web interface without requiring authentication.
Logs dated back to January 6th to today and could have had the following exposed according to the article:
- user queries to DeepSeek’s chatbot,
- keys used by backend systems to authenticate API calls,
- internal infrastructure and services information,
- and various operational metadata.
You have to be fucking kidding me on these API keys, right? How many times have we talked about the facct that API keys must be in control of the company? This has nothing to do with China and what we believe, this must be security 101. Holy fucking shit.
The article continues:
“Not only an attacker could retrieve sensitive logs and actual plaintext chat messages, but they could also potentially exfiltrate plaintext passwords and local files along propriety information directly from the server using queries like: SELECT * FROM file(‘filename’) depending on their ClickHouse configuration.”
Really? Passwords in plain text? This is also security 101. This is not acceptible by any company these days.
The article continues:
Apart from all the concerns that arise from DeepSeek being a China-based technology company, meaning it has to comply with aggressive data access requests from the country’s government, the company does not appear to have established a solid security stance, placing sensitive data at risk.
The exposure of user prompts is a privacy breach that should be very concerning for organizations using the AI model for sensitive business operations.
Additionally, the exposure of backend details and API keys could give attackers a way into DeepSeek’s internal networks, privilege escalation, and potentially larger-scale breaches.
The final paragraph says:
Earlier this week, the Chinese platform was targeted by persistent cyberattacks, which it appeared unable to thwart, forcing it to suspend new user registrations for nearly 24 hours.
If anyone wants to read the full article by Bleeping Computer, be my guest and feel free to leave a comment. (888) 405-7524 or (818) 527-4754. If you want your comment aired as we go from file to file from within the podcast, please let us know.
U.S. and Canadian callers can also use the Click to Call wigit to place a call to you before calling us.

Have a great day!
DeepSeek exposes database with over 1 million chat records is the article.