DeepSeek is currently experiencing significant attention following the launch of its remarkable R1 model. This advancement has propelled the AI firm to surpass ChatGPT and all competing applications, securing its position as the leading free app on both the App Store for iOS and the Google Play Store. However, users should be cautious if they explored the app this week, as there have been serious breaches regarding chat security.

According to The Hacker News, DeepSeek inadvertently exposed one of its online databases. Although the organization has rapidly addressed this issue, the exposed database has revealed a wealth of sensitive user data. It comprises more than a million entries, including chat records, confidential keys used for data encryption and decryption, backend details, and other critical information.

As of the latest update, DeepSeek has stated that their investigation is still underway, even after applying a corrective measure on January 29.

The extent to which anyone accessed DeepSeek’s database during this time of vulnerability remains unidentified. However, the security flaw allowed for total control over the database and enabled unauthorized privilege escalations within DeepSeek’s system.

Concerns surrounding DeepSeek’s data protection policies have intensified as more users turn to the service. The platform harvests considerable amounts of personal data, including email addresses, IP addresses, and chat logs, along with more invasive data such as keystroke patterns and typing rhythms. One might wonder why an AI application requires insight not only into what is typed but also the manner of typing. As DeepSeek operates as a Chinese entity, it stores all user information on servers located in China, making it legally obligated to comply with any data requests from the Chinese government. Such protocols are part of the underlying reasons behind the U.S. government’s ban on TikTok.

Although there is no direct indication that malicious access has occurred, the situation presents a concerning scenario for this emergent AI company. For those contemplating trying DeepSeek or already utilizing its services, it is critical to remain aware of these issues, as your personal data may not be as safeguarded as anticipated.