“It’s pretty shocking to build an AI model and leave the back door wide open from a security perspective,” says Jeremiah Fowler, independent security researcher, who was not involved in the Wiz Research, but specializes in the discovery of exposed databases. “This type of operational data and the ability for everyone with an internet connection to access and then manipulate it is a great risk to the organization and users.”

The Deepseek systems are apparently designed to look very similar to Openai’s, researchers Wired told Wired, perhaps to make it easier for new customers to switch to using Deepseek without problems. It seems that the entire Deepseek infrastructure is mimicking Openai’s, they say, to details such as the format of the API keys.

The Wiz Researchers say they do not know if anyone else found the exposed database before they did, but it would not be surprising, given how simple it was to discover. Fowler, the independent researcher, also notes that the vulnerable database would have found ‘definitely’ quickly – if it wasn’t – whether by other researchers or bad actors.

“I think it’s a wake-up call for the wave of AI products and services we will see in the near future and how serious they take cyber security,” he says.

Deepsheek has made a global impact over the past week, with millions of people flocking to the service and pushing it to the top of Apple and Google’s app stores. The resulting shock waves wiped out billions of rands from the share prices of the US AI businesses and haunted managers at firms across the country. Sources at Openai told the Financial Times on Wednesday that he had investigated the alleged use of Chatgpt output to train his models.

At the same time, Deepseek increasingly drew the attention of legislators and regulators around the world, which began to ask questions about the company’s privacy policies, its impact and its Chinese ownership thereof provides national security issues.

The Regulator of the Italy’s data protection sent Deepseek a series of questions asked where he obtained his training data, if people’s personal information was included, and the firm’s legal basis for using this information. As Wired Italy reports, the DeepSeek app does not appear to be available to download within the country to the questions sent.

The Chinese mortgages of Deepsheek also appear to arouse safety issues. At the end of last week, according to CNBC reporting, the US Navy issued a warning to its staff who warned them not to use Deepseek’s services “in any capacity”. According to the email, the fleet staff members should not download, install or use the model, and that they raise concerns about ‘potential security and ethical’ problems.

However, despite the hype, the exposed data shows that almost all technologies relying on cloud host databases can be vulnerable through simple security decay. “AI is the new boundary in everything related to technology and cyber security,” says Wiz’s Ohfeld, “and we still see the same old vulnerabilities as databases left open on the internet.”