this post was submitted on 30 Jan 2025
12 points (100.0% liked)


[...] a publicly accessible ClickHouse database linked to DeepSeek, completely open and unauthenticated, exposing sensitive data. It was hosted at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000.

This database contained a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details.

More critically, the exposure allowed for full database control and potential privilege escalation within the DeepSeek environment, without any authentication or defense mechanism to the outside world.

It seems that the Empire has decided to strike.

[–] itsraining@lemmygrad.ml 4 points 6 hours ago

thank you for the analysis