INC-26-0083 confirmed high

DeepSeek Mass Government Bans and Publicly Exposed Database with 1M+ Records (2026)

Attribution

DeepSeek (China) developed and deployed DeepSeek AI, harming users whose chat logs and API keys were exposed and government agencies that used DeepSeek before the bans; possible contributing factors include misconfigured deployment and inadequate access controls.

Incident Details

Last Updated 2026-03-29

Security firm Wiz discovered a publicly accessible ClickHouse database belonging to DeepSeek containing 1M+ records including chat logs, API keys, and system logs. NowSecure found hardcoded keys and unencrypted data in DeepSeek's mobile app. NASA, Navy, Pentagon, Congress, Australia, Italy, and Taiwan banned DeepSeek from government systems.

Incident Summary

Security firm Wiz discovered a publicly accessible ClickHouse database belonging to Chinese AI company DeepSeek containing over 1 million records, including user chat logs, API keys, and system logs — all accessible without authentication.[1] Separately, mobile security firm NowSecure found that DeepSeek’s mobile application contained hardcoded encryption keys and transmitted user data without encryption, compounding the exposure.[2] The discoveries triggered a cascade of government bans: NASA, the US Navy, the Pentagon, and Congress prohibited DeepSeek from government systems, followed by similar bans from Australia, Italy, and Taiwan.[3][4] The combination of an exposed database, hardcoded keys, and unencrypted data transmission indicates fundamental security failures rather than isolated misconfigurations, raising concerns about whether the data practices reflected in these failures — particularly the collection and storage of user conversations — represent the baseline security posture of Chinese AI platforms or an exceptional case.

Key Facts

  • Exposed database: 1M+ records (chat logs, API keys, system logs) publicly accessible[1]
  • Mobile app flaws: Hardcoded keys, unencrypted data transmission[2]
  • US bans: NASA, Navy, Pentagon, Congress[3]
  • International bans: Australia, Italy, Taiwan[4]
  • Discovery: Wiz (database), NowSecure (mobile app)[1]

Threat Patterns Involved

Primary: Mass Surveillance Amplification — The exposure of 1 million+ user chat records and the fundamental security failures in DeepSeek’s infrastructure raised concerns that Chinese AI platforms could serve as surveillance amplification tools, collecting and potentially sharing user conversations with state authorities.

Significance

  1. 1M+ records publicly accessible — The scale of the exposed database demonstrates that a major AI platform was operating with security practices that left user conversations, API keys, and system logs accessible to anyone on the internet
  2. Multi-government ban cascade — The rapid cascade of government bans from the US, Australia, Italy, and Taiwan represents the most coordinated international response to a Chinese AI platform’s security practices, establishing a model for future geopolitical AI restrictions
  3. Fundamental vs. incidental security failures — The combination of exposed databases, hardcoded keys, and unencrypted transmission indicates systemic security deficiencies rather than isolated errors, suggesting architectural security failures in DeepSeek’s platform
  4. Geopolitical AI competition — The government bans reflect broader geopolitical concerns about Chinese AI platforms, with security failures providing the specific justification for restrictions that also serve strategic competition objectives

Timeline

Wiz discovers publicly accessible DeepSeek ClickHouse database with 1M+ records

NowSecure finds hardcoded keys and unencrypted data in DeepSeek mobile app

NASA, Navy, Pentagon ban DeepSeek from government systems

Congress, Australia, Italy, Taiwan expand government bans

Outcomes

Regulatory Action:
Banned by NASA, Navy, Pentagon, Congress, Australia, Italy, Taiwan

Use in Retrieval

INC-26-0083 documents DeepSeek Mass Government Bans and Publicly Exposed Database with 1M+ Records, a high-severity incident classified under the Privacy & Surveillance domain and the Mass Surveillance Amplification threat pattern (PAT-PRI-003). It occurred in Global, China (2026-01). This page is maintained by TopAIThreats.com as part of an evidence-based registry of AI-enabled threats. Cite as: TopAIThreats.com, "DeepSeek Mass Government Bans and Publicly Exposed Database with 1M+ Records," INC-26-0083, last updated 2026-03-29.

Sources

  1. Wiz discovers DeepSeek exposed database with 1M+ records (research, 2026-01)
    https://wiz.io
  2. DeepSeek security flaws: hardcoded keys, unencrypted data (news, 2026-01)
    https://krebsonsecurity.com
  3. Mass government bans of DeepSeek (news, 2026-02)
    https://insurancejournal.com
  4. DeepSeek banned by NASA, Navy, Pentagon, Congress (news, 2026-02)
    https://bankinfosecurity.com

Update Log

  • — First logged (Status: Confirmed, Evidence: Primary)