By Raphael Satter
WASHINGTON (Reuters) – New York-based cybersecurity firm Wiz says it has found a trove of sensitive data from the Chinese artificial intelligence startup DeepSeek inadvertently exposed to the open internet.
In a blog post published Wednesday, Wiz said that scans of DeepSeek’s infrastructure showed that the company had accidentally left more than a million lines of data available unsecured. Those included digital software keys and chat logs that appeared to capture prompts being sent from users to the company’s free AI assistant.
Wiz’s chief technology officer said DeepSeek quickly secured the data after his firm alerted them.
“They took it down in less than an hour,” Ami Luttwak said. “But this was so simple to find we believe we’re not the only ones who found it.”
DeepSeek did not immediately return a message seeking comment.
DeepSeek’s practically overnight success following the launch of its AI assistant has thrilled China and sparked anxiety in America. The Chinese company’s apparent ability to match OpenAI’s capabilities at a much lower cost has posed questions over the sustainability of the business models and profit margins of U.S. AI giants such as Nvidia and Microsoft.
By Monday, it had overtaken U.S. rival ChatGPT in downloads from Apple’s App Store, triggering a global selloff in tech shares.
(This story has been corrected to say Wiz is based in New York, not in Israel, in the headline and paragraph 1)
(Reporting by Raphael Satter; Editing by Lisa Shumaker)
