February 2025

Cyber Threats Barometer

Every month, cyber threats as seen by Gatewatcher’s CTI analysts
Le Lab Gatewatcher D
77 420: Identified Indicators of Compromise (IoCs)
53 090: Identified compromise reports (sum of IoCs)

Highlight of the month


In January 2025, Chinese AI startup DeepSeek suffered a major security breach, resulting in the exposure of over a million sensitive records via an insecure ClickHouse database. Identified by Wiz Research, this vulnerability illustrates the cybersecurity challenges facing fast-growing AI companies, and highlights the need for stronger data protection practices in a rapidly expanding sector.

The compromised database was accessible without authentication and contained several sensitive pieces of information, including plaintext chat histories, API keys, backend system logs and operational metadata. The absence of access restrictions raises questions about possible undetected access to the data before the incident was discovered. Although DeepSeek secured the database within an hour of being informed, the extent of exposure remains uncertain.

This incident highlights the risks associated with the rapid growth of AI-based technologies, where the priority given to innovation can sometimes overshadow security requirements. As regulatory pressure intensifies, with calls for stricter enforcement of the EU’s AI Act and the GDPR, the DeepSeek leak serves as a reminder that securing AI requires as much investment in infrastructure and governance as it does in model development.

TOP COMMON VULNERABILITIES & EXPOSURES (%)

TOP TARGETED BUSINESS SECTORS (%)

Definition of the month

The AI Act (European Regulation on Artificial Intelligence) is the EU’s regulatory framework for the development and use of AI, based on its level of risk. It applies to organizations offering AI systems on the European market, including those based outside the EU if their services affect European citizens.

AI systems are classified into four risk levels, from prohibited applications (social scoring, cognitive manipulation) to high-risk systems, which are subject to strict transparency and security requirements (e.g. AI used in healthcare or finance).

Violations can result in penalties of up to €35 million or 7% of worldwide sales.

TOP MALWARE FAMILIES (%)

TOP THREAT CATEGORIES (%)

About the Cyber Threat Barometer

Malware, critical vulnerabilities, advanced persistent threats, industries particularly targeted, weak signals of emerging attacks… It’s no secret that knowledge of one’s adversary is a key factor in the security of an enterprise. The Cyber Threats Barometer gives you a monthly overview of the cyber threats detected by Gatewatcher CTI, our Cyber Threat Intelligence platform.

Gatewatcher CTI’s automated collection, analysis and correlation engines are continuously fed by more than 4000 data sources from multiple channels: social networks, specialized sites, dark and deep web. They make threat information available an average of 24 hours in advance of the competition and help operational response teams make better decisions by dramatically reducing their analysis and incident handling times.
