DeepSeek AI, a rapidly emerging Chinese artificial intelligence platform, has been recently at the center of multiple security incidents and growing scrutiny from international authorities. These developments have raised significant concerns about the platform's data handling practices and overall safety.
Security researchers from Wiz uncovered a publicly accessible database belonging to DeepSeek. This misconfigured ClickHouse database contained over a million lines of sensitive data, including user chat histories, secret keys, and backend details. The exposure allowed full control over database operations, posing a significant risk of unauthorized access and data manipulation. Upon notification, DeepSeek promptly secured the database, but it remains unclear if any malicious actors accessed the data prior to its remediation.
Further investigations revealed hidden code within DeepSeek's AI platform that enabled direct data transmission to servers controlled by China Mobile, a state-owned telecommunications company. This discovery is particularly concerning given China Mobile's alleged ties to the Chinese military, which have led to U.S. sanctions. The exposed code had the potential to send user login details and other sensitive information to China Mobile, raising significant data privacy and national security concerns.
In response to these security concerns, several governments and organizations have taken precautionary measures:
The Australian government has advised critical infrastructure operators to refrain from using DeepSeek due to national security concerns, though it has not imposed a mandatory ban.
South Korean ministries, including the Ministry of Industry and the Ministry of Defense, have blocked access to DeepSeek, citing security concerns. The country's privacy authority plans to request information from DeepSeek regarding its data management practices.
The U.S. Navy has banned the use of DeepSeek among its personnel, citing security and ethical issues. Additionally, Texas has become the first state to ban the AI chatbot DeepSeek and social media app RedNote, citing security concerns over potential data exposure to the Chinese Communist Party. Governor Greg Abbott issued the directive, especially after DeepSeek became highly popular on the Apple Store. These apps have been barred from government-issued devices.
Microsoft and OpenAI have initiated investigations into potential data theft by DeepSeek. There are suspicions that DeepSeek may have improperly accessed OpenAI's technology via its API, potentially violating terms of service that prohibit using outputs to create competing models. This incident has heightened concerns about intellectual property theft and the ethical use of AI technologies.
Recent testing has shown that DeepSeek's AI models are more vulnerable to manipulation than those of its more expensive competitors from Silicon Valley. That challenges the entire David-vs-Goliath narrative on “democratized” AI that has emerged from the company’s breakthrough. The billions of dollars that OpenAI, Alphabet Inc.’s Google, Microsoft Corp. and others have spent on the infrastructure of their own models look less like corporate bloat, and more like a cost of pioneering the AI race and keeping the lead with more secure services. Businesses eager to try the cheap and cheerful AI tool need to think twice about diving in.
If you decide to use DeepSeek AI despite its security concerns, using a trusted VPN is highly recommended to safeguard your privacy. Here’s why:
DeepSeek AI may track your IP address and location, posing potential privacy risks. A VPN masks your real IP, preventing the platform from logging your exact whereabouts and keeping your data anonymous.
With DeepSeek’s recent data breach incidents, hackers or third parties could potentially intercept unprotected data. A VPN encrypts your internet traffic, making it nearly impossible for outsiders to access your sensitive queries or personal details.
Several countries and organizations have banned or restricted DeepSeek AI due to privacy risks. If you still need access, a VPN can bypass these blocks, though it’s wise to question why authorities have restricted it in the first place.
Recent reports indicate DeepSeek AI may transmit user data to China Mobile. Trusted VPN prevents your real network details from being exposed, reducing the risk of data leaks or potential surveillance.
Your ISP and other network providers can monitor and log your AI activity. A VPN makes your queries, searches, and interactions remain private.
Keep in mind - Using a VPN with DeepSeek AI is a must to minimize risks, but it doesn’t eliminate all security concerns.
