DeepSeek Exposed ClickHouse Database 2025: What You Need to Know

In January 2025, AI research lab DeepSeek had an analytics database briefly exposed to the public Internet with no authentication, leaking chat history, API keys, backend logs and internal secrets for around one million users. Here is what happened and what you can do.

Breach date: 29 January 2025
Records affected: ~1 million
Risk level: Medium

What Happened

How the DeepSeek Exposure Unfolded

Late January 2025

Wiz Research scans the public Internet and discovers a ClickHouse instance on a DeepSeek subdomain with no authentication and full administrative access.

29 January 2025

Wiz contacts DeepSeek through responsible disclosure channels. The database is secured within roughly an hour of disclosure, but the total public-exposure window before discovery is unclear.

Because the database was unauthenticated and Internet-reachable, anyone who scanned the relevant IP range during the exposure window could potentially have queried its contents.

January and February 2025

Wiz publishes their research with technical details. The security industry responds with broader scrutiny of AI-vendor security postures, including how chat history and developer secrets are stored at fast-moving AI labs.

February 2025 onwards

DeepSeek conducts an internal review and adds monitoring. No public claim has emerged of attackers having scraped the data before remediation, but the public-exposure window cannot be fully accounted for, so the data should be treated as potentially collected.

Sources: Wiz Research (Jan 2025), ClickHouse security guidance

What Was Exposed

Data Leaked in the DeepSeek Exposure

The exposed ClickHouse instance acted as an analytics and operational store for DeepSeek. According to Wiz Research, it contained a mix of user-facing data (chat history, account metadata) and infrastructure-level data (API keys, backend logs, internal secrets). The exact volume of each data type was not published.

| Data Type | Risk Level | Who Was Affected |
| --- | --- | --- |
| Chat history | Medium | User prompts and AI responses, which may include sensitive content users typed |
| API keys | High | Developers using the DeepSeek API |
| Backend logs | Low | Server-side operational data |
| Secret keys / tokens | High | DeepSeek internal secrets used by backend services |
| User account metadata | Low | Basic profile information such as when accounts were created |
| IP addresses | Medium | Connection records associated with user sessions |

Risk levels based on the OAIC: What is personal information? and OAIC Australian Privacy Principles. Credential material (API keys, secret tokens) is rated higher because it can be used directly to access systems on a user's behalf.

✅ Confirmed NOT Exposed

Based on the public disclosure, the exposed database did not contain account passwords (which are stored separately and hashed), payment information (handled by a separate payment provider), or the underlying model weights and training data. The exposure was limited to operational and analytics data rather than the core model assets.

Company Response

What DeepSeek Did

The database was secured within approximately one hour of Wiz Research's disclosure.
Summary of Wiz Research's public timeline

Actions Taken by DeepSeek

  • Took the exposed ClickHouse instance offline within around an hour of responsible disclosure
  • Removed the public network path to the database and restricted it behind authentication
  • Conducted an internal review of how the misconfiguration was introduced
  • Added monitoring intended to detect similar exposures in the future
  • Did not, at time of writing, publish a detailed public post-mortem or per-user notification programme of the kind seen in some larger breaches
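
The failure mode described above (a ClickHouse server bound to every interface, with an account that has no password and accepts any source address) can be caught by a configuration check before deployment. The following is an added example, not DeepSeek's or ClickHouse's own code; both sample configurations are constructed, and they merge server and user settings into one document for brevity.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed samples (not DeepSeek's files). Server and user settings are
# merged into one document here; ClickHouse normally splits them across files.
EXPOSED = """<clickhouse>
  <listen_host>0.0.0.0</listen_host>
  <users><default>
    <password></password>
    <networks><ip>::/0</ip></networks>
  </default></users>
</clickhouse>"""

HARDENED = """<clickhouse>
  <listen_host>127.0.0.1</listen_host>
  <users><default>
    <password_sha256_hex>PLACEHOLDER_HASH</password_sha256_hex>
    <networks><ip>10.0.0.0/8</ip></networks>
  </default></users>
</clickhouse>"""

PASSWORD_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")


def audit(xml_text):
    """Return findings for one merged config; an empty list means none."""
    root = ET.fromstring(xml_text)
    findings = []
    hosts = [h.text.strip() for h in root.findall("listen_host") if h.text]
    wildcard = any(h in ("0.0.0.0", "::") for h in hosts)
    if wildcard:
        findings.append("listen_host binds every interface")
    for user in root.findall("users/*"):
        # Only password-based auth is modelled; other mechanisms are ignored.
        no_auth = not any(user.findtext(t, "").strip() for t in PASSWORD_TAGS)
        nets = [n.text.strip() for n in user.findall("networks/ip") if n.text]
        any_source = any(
            ipaddress.ip_network(n, strict=False).prefixlen == 0 for n in nets)
        if no_auth:
            findings.append(f"user '{user.tag}' has no password")
        if any_source:
            findings.append(f"user '{user.tag}' accepts any source address")
        if wildcard and no_auth and any_source:
            findings.append(f"CRITICAL: '{user.tag}' is open to any client")
    return findings


if __name__ == "__main__":
    for name, cfg in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(name, audit(cfg) or "no findings")
```

A clean result only covers the configuration file; network-level controls such as firewalls and security groups still need their own review.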

What Now?

Steps You Can Take After the DeepSeek Exposure

The exposure window was short, but because the database was fully unauthenticated, anything in it should be treated as potentially collected. The combination of chat history, API keys and internal secrets is most concerning. Here are practical steps, organised by the types of accounts most likely affected.

DeepSeek and AI Service Accounts

Your chat history and any API keys you used with DeepSeek may have been readable during the exposure window.

Rotate any DeepSeek API keys

~10 min
Any DeepSeek API key issued before late January 2025 should be considered potentially exposed. Rotate the keys in the DeepSeek developer console and update them anywhere they are used (local environment files, CI/CD variables, deployed services, shared notes).

Review your DeepSeek chat history for sensitive content

~15 min
Look back at prompts you typed before late January 2025. If you pasted credentials, medical information, financial details, legally-privileged content, or private corporate context, treat those specific items as exposed and act accordingly (rotate the credential, notify the relevant party, etc.).

Update password and enable MFA, or consider account deletion

Although account passwords were not in the exposed database, updating your DeepSeek password and enabling MFA where supported is a sensible baseline. If you no longer use the service, consider submitting a data-deletion request under applicable privacy law.

Email and Digital Identity

Your email is the key to your digital identity. Securing it is a sensible first step.

Strengthen email security

~5 min
Updating the password and enabling MFA on email accounts associated with the DeepSeek account is widely recommended. It is also worth checking email forwarding rules and connected app permissions, as these can be exploited to silently intercept communications.

Understand your full account exposure

Most people have dozens of online accounts linked to a single email address. When that email is exposed in a breach, understanding which services are connected is a critical first step in assessing personal risk. Tools that map your digital footprint can help identify accounts that may need attention.

Developer and API Hygiene

If you used DeepSeek for development work, the exposure overlaps with credentials and source-code context, not just chat content.

Rotate any keys, tokens or secrets typed into AI chats

~30 min
Treat any API key, token or secret you pasted into a DeepSeek prompt as compromised, regardless of which service the credential belonged to. Rotate them at the source and re-deploy any systems that consumed them.

Audit AI-generated code for embedded sensitive context

If you used DeepSeek to help write or refactor code, review any AI-suggested output that was committed. Sensitive endpoints, internal hostnames, schemas, or commented-out credentials embedded in prompts can end up in code review and version history.

Treat AI chat history as semi-public going forward

As a working assumption, regardless of vendor, avoid pasting credentials, regulated personal data, financial details, or legally-privileged content into AI prompts unless the vendor's security posture is contractually established and well understood.
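
After rotating a key, the remaining work is finding every place the old one still lives (environment files, CI configuration, notes). The following added example, which is not from DeepSeek or the original guide, walks a project tree and reports each key-like token by fingerprint so the report never contains a secret. It assumes keys look like `sk-` followed by at least 32 alphanumeric characters; the `DEEPSEEK_API_KEY` variable name, the file names and both sample keys are constructed.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Assumption: key format is "sk-" plus 32 or more alphanumeric characters.
KEY_RE = re.compile(r"\bsk-[A-Za-z0-9]{32,}\b")


def fingerprint(secret):
    """Short SHA-256 prefix, safe to log in place of the key itself."""
    return hashlib.sha256(secret.encode()).hexdigest()[:12]


def find_keys(root, current_fp=None):
    """Return (relative path, line, fingerprint, status) per key-like token.

    Tokens matching `current_fp` (the rotated key) are "current"; anything
    else is "stale" and should be removed or replaced.
    """
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file() or ".git" in path.parts:
            continue
        try:
            text = path.read_text(encoding="utf-8")
        except (UnicodeDecodeError, OSError):
            continue  # skip binaries and unreadable files
        for lineno, line in enumerate(text.splitlines(), 1):
            for match in KEY_RE.finditer(line):
                fp = fingerprint(match.group())
                status = "current" if fp == current_fp else "stale"
                hits.append((str(path.relative_to(root)), lineno, fp, status))
    return hits


def demo():
    """Scan a constructed project tree holding one new and one old key."""
    old, new = "sk-" + "a" * 32, "sk-" + "b" * 32  # constructed, not real keys
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / ".env").write_text(f"DEEPSEEK_API_KEY={new}\n")
        (root / "notes.md").write_text(f"setup\n# old key: {old}\n")
        return find_keys(root, fingerprint(new))


if __name__ == "__main__":
    for hit in demo():
        print(*hit)
```

A working-tree scan does not cover version history; a stale key that was ever committed stays retrievable from old commits even after the file is cleaned.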

Monitoring and Reporting

Local resources for reporting AI data-exposure incidents and identity protection.

Report to your national data protection authority

EU and UK users can report concerns to their national data protection authority under GDPR. Australian users can contact the OAIC, and US users may consider filing with the FTC.

Contact IDCare (Australia) for tailored support

IDCare (1800 595 160) is Australia's national identity and cyber support service and provides free, tailored guidance for people affected by data breaches, including AI-vendor incidents where personal disclosures may have been exposed.

Are You Still at Risk?

The Hidden Danger: Compound Breach Exposure

The DeepSeek exposure on its own affected a relatively small set of users. But if your email or credentials also appear in larger credential-bearing breaches, the combination can build a much more complete attacker profile.

How breach data compounds

On its own, the DeepSeek exposure leaked chat history, API keys, and operational data. But if your email also appears in broader credential-stealer logs or aggregated compilations, an attacker can pair AI-conversation context with reusable passwords and session tokens from other sources, which is a far more dangerous combination than either dataset alone.

  • ALIEN TXTBASE (2025): 284M stealer logs - credentials harvested from infected devices
  • Internet Archive (2024): 31M records - similar credential-bearing exposure
  • Stealer Logs January 2025: 71M records - browser-saved passwords and session tokens
  • MOAB (2024): 26B records - aggregated compilation of prior breaches

If your email appears in two or more of these breaches, your risk level is significantly elevated. In The Event Of can overlay your breach data to show exactly where your exposure compounds, and help you prioritise what to address first.

Disclaimer: This guide is provided for general informational purposes only and does not constitute legal, financial, or professional advice. The information is based on publicly available sources at the time of writing and may not reflect the most current developments. In The Event Of Pty Ltd (ABN 38 687 352 647) is not affiliated with DeepSeek. If you believe you have been affected by this data exposure, we recommend contacting the relevant authorities and seeking professional guidance specific to your circumstances.