Image Tim Reckmann, from Flickr
Italy Blocks DeepSeek Chatbot Over Privacy Concerns
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
Italy’s data protection authority, the Garante , has ordered the Chinese artificial intelligence startup DeepSeek to block its chatbot in the country due to unresolved privacy concerns.
In a Rush? Here are the Quick Facts!
- Italy’s Garante blocked DeepSeek’s chatbot over unresolved privacy concerns.
- DeepSeek failed to provide sufficient details on its data collection practices.
- DeepSeek’s ban comes amid a surge in its app downloads.
The decision, announced on Thursday, follows the company’s failure to provide satisfactory responses regarding its handling of personal data , according to Reuters .
Earlier this week, the Garante demanded that DeepSeek disclose details about its data collection practices, The Record reported.
The regulator sought information on what personal data the company collects, its sources, intended use, and whether it is stored on Chinese servers. It also requested clarification on the legal basis for gathering such data.
However, the information provided was deemed “totally insufficient,” prompting the enforcement order. DeepSeek has not yet issued a statement in response to the ban, Reuters reported.
The Hacker News highlighted that this is not the first time Italy’s data watchdog has taken action against an AI chatbot. In 2023, the Garante temporarily banned OpenAI’s ChatGPT over similar data privacy concerns.
The restriction was lifted in late April after OpenAI addressed the regulator’s demands, but the company was later fined €15 million for its handling of personal data.
The ban on DeepSeek comes amid a surge in the chatbot’s popularity, with millions of users propelling its mobile apps to the top of download charts.
Image by File Santilàn, from Unsplash
DeepSeek Data Breach: 1 Million Logs, Chat History, And Keys Exposed
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
A publicly accessible database belonging to the Chinese AI company DeepSeek has been found leaking sensitive information, including private chat history and secret keys.
In a Rush? Here are the Quick Facts!
- Over one million lines of sensitive data, including chat history and API keys, were exposed.
- The database used ClickHouse, an open-source data management system, for real-time processing.
- Wiz Research alerted DeepSeek, which secured the exposure after being informed.
Researchers from Wiz Research discovered that the exposed database could be accessed by anyone without any authentication, making it vulnerable to potential security breaches.
DeepSeek , known for its innovative AI models, particularly the cost-effective DeepSeek-R1 reasoning model, recently gained attention in the AI industry for its impressive performance.
However, Wiz Research’s investigation revealed a concerning security flaw that allowed full access to DeepSeek’s database, which included more than a million lines of sensitive log data.
The database, hosted at two addresses—oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000—was discovered through a routine security check of the company’s publicly facing websites.
The database was running on an open-source system called ClickHouse, which is commonly used for fast data processing. Unfortunately, this made the data highly accessible and easy to exploit for anyone with technical knowledge.
Among the sensitive information exposed in the database were logs of user chat history, API keys, backend data, and even internal operational details. These logs included personal information, plain-text chat messages, and data about DeepSeek’s internal systems.
This kind of data could have been used by attackers to access user accounts, steal passwords, or tamper with the company’s operations.
While Wiz Research immediately reported the exposure to DeepSeek, the company took swift action to secure the vulnerability. The incident highlights the ongoing risk that many AI companies face as they rapidly scale their services without fully addressing security concerns.
Wiz Research’s discovery serves as a reminder that, while AI technologies continue to advance, the infrastructure supporting them must also be secured. As AI companies grow and handle more sensitive data, the industry needs to ensure that proper security measures are in place to protect users and their information from exposure.
