Wiz finds serious information leak at DeepSeek

DeepSeek credit: Reuters/VCG
DeepSeek credit: Reuters/VCG

The Chinese AI application that has taken the world by storm had a sensitive database exposed to anyone on the Internet.

Researchers at cybersecurity company Wiz have revealed a serious security vulnerability in the systems of Chinese company DeepSeek, which they have dubbed DeepLeak. Wiz found that a whole database of the Chinese company containing users’ chats, secret keys, and sensitive internal information, was exposed to anyone on the Internet.

According to the report by Wiz, the Chinese company, the developer of advanced artificial intelligence systems that overnight become serious competition for OpenAI, left sensitive information completely exposed. Anyone with an Internet connection could access sensitive information of the company with no need for identification or security checks.

Wiz’s Israeli researchers discovered the security breach surprisingly easily, Wiz said. "As DeepSeek made waves in the AI space, the Wiz Research team set out to assess its external security posture and identify any potential vulnerabilities. Within minutes, we found a publicly accessible ClickHouse database linked to DeepSeek, completely open and unauthenticated, exposing sensitive data," the company said. It added that its research team "immediately and responsibly disclosed the issue to DeepSeek, which promptly secured the exposure."

"While much of the attention around AI security is focused on futuristic threats, the real dangers often come from basic risks-like accidental external exposure of databases. These risks, which are fundamental to security, should remain a top priority for security teams," Wiz researcher Gal Nagli said.

"As organizations rush to adopt AI tools and services from a growing number of startups and providers, it’s essential to remember that by doing so, we’re entrusting these companies with sensitive data. The rapid pace of adoption often leads to overlooking security, but protecting customer data must remain the top priority. It’s crucial that security teams work closely with AI engineers to ensure visibility into the architecture, tooling, and models being used, so we can safeguard data and prevent exposure," Nagli concluded..

Published by Globes, Israel business news - en.globes.co.il - on January 30, 2025.

© Copyright of Globes Publisher Itonut (1983) Ltd., 2025.

DeepSeek credit: Reuters/VCG
DeepSeek credit: Reuters/VCG
Jerusalem's Midtown project credit: DBLD architects Foreign residents dominate Jerusalem city center housing market

Wealthy foreign residents are increasingly pricing residents out of the market in central neighborhoods, as ghost apartments haunt the city.

Egyptian tanks in Sinai near Rafah credit: Reuters Mohamed Abd El Ghany Egyptian military violations in Sinai concern Israel

President Donald Trump's relocation plan for Gazans is further straining fraught relations between Israel and Egypt. "Globes" examines whether it could spark a war.

Yitzhak Tshuva credit: Gidon Levy and Tali Bogdanovsky Isracard shareholders approve acquisition by Delek

For the deal to go through, approval is now needed from the Supervisor of Banks and the Israel Competition Authority.

Air Canada Photo: Shutterstock Air Canada to resume Israel flights in June

The Canadian airline will resume Toronto-Tel Aviv flights on June 8 and Montreal-Tel Aviv flights in August.

NICE CEO Scott Russell credit: SAP NICE Systems falls sharply on disappointing 2025 guidance

NICE sees $693-703 million revenue in the first quarter of 2025, up 6% from the corresponding quarter of 2024, with non-GAAP earnings per share of $2.78-2.88 - 3.8% below the analysts' consensus for revenue and 2.4% below for profit.

Tel Aviv credit: Shutterstock Urban renewal plan approved in heart of Tel Aviv

The plan for the Hahashmal neighborhood opposite the Old Central Bus Station includes a 30-floor tower.

Smartshooter credit: Smartshooter Germany buys Kibbutz Yagur's Smartshooter AI sights

The product family includes systems mounted on personal rifles, remotely controlled systems, and systems carried by vehicles, robots, and even drones.

Chinese ship in Suez Canal credit: Suez Canal Authority Direct shipping to Israel could resume soon

The first shipments of vehicles are likely to reach Israel via the Suez Canal in the coming months.

Sde Dov credit: Guy Yehieli Sde Dov land prices down over 40%

Four huge tenders for almost 4,000 homes, which have been successfully marketed in the north Tel Aviv district, reflect prices over 40% lower than in 2022.

Wix president Nir Zohar credit: Alan Tzatzkin Wix provides cautious 2025 guidance after strong 2024

The Israeli website building platform company reported its first-ever GAAP operating profit in 2024.

Saar Yoskovitz and Gal Shaul  / Photo: Augury Israeli industrial AI co Augury raises $75m

The new round represents an increase in valuation for Augury, which maintains its position as a ‘unicorn’ startup.

Eitan Yochananof and Eyal Ravid credit: Eyal Izhar and Tali Bogdanovsky Regulator indicts Victory, Yochananof CEOs over price fixing

The Israel Competition Authority today issued first indictments, following the food price fixing investigation.

Shekel credit: Shutterstock Vladirina 32 Shekel gains continue as Gaza talks progress

The shekel continues to trade at its strongest levels against the dollar since early 2023.

New York credit: Shutterstock Tel Aviv - New York fares stay high despite US airlines return

Ticket prices to the US will continue to cost at least $1,200 return, according to Ophir Tours, with most fares ranging between $1,500 and $2,000, or even more.

Greenfield Partners team credit: Eyal Toueg Greenfield Partners closes $400m third fund

The funds were raised from institutional investors in Israel, the US, Europe and Asia and brings the total funds under management to more than $1 billion.

Blockaid founders Ido Ben-Natan and Raz Niv credit: Liron Weissman Israeli onchain security co Blockaid raises $50m

Blockaid protects the largest companies building onchain, including Coinbase, Metamask, Stellar, Uniswap, and World App.

Twitter Facebook Linkedin RSS Newsletters גלובס Israel Business Conference 2018