A major security slip-up by Chinese AI startup DeepSeek has left sensitive user data exposed online. The company’s internal database, which contained chat logs, API keys, and other private details, was accessible to anyone without a password. This meant over a million unencrypted records were out in the open for an unknown period.

The issue was spotted by cybersecurity experts from Wiz, who alerted DeepSeek. The company quickly took the database offline, but it’s still unclear if anyone else accessed the information before it was secured. The exposed chat logs, primarily in Chinese, were reportedly easy to translate, raising concerns about user privacy.

Mistakes like this often stem from simple human errors rather than malicious intent. Despite the gaffe, DeepSeek has gained significant attention since its launch in December. The company has yet to comment on the incident.

This serves as a reminder of how crucial it is to secure sensitive data—especially as AI platforms grow in popularity.