Unencrypted Data Exposure
A recent security audit of the DeepSeek AI app for iOS has uncovered serious vulnerabilities, particularly in how it handles user data. Researchers found that the app transmits sensitive user and device information over the internet without encryption, making it highly susceptible to interception by cybercriminals. This flaw exposes users to potential privacy breaches, data manipulation, and unauthorized tracking.
Privacy Concerns Over Extensive Data Collection
In addition to unencrypted transmissions, the audit revealed that DeepSeek's app collects a large amount of personal and device-related data. This includes unique device identifiers, location data, and user preferences. While such data collection is common in AI-driven applications, the lack of transparency regarding how this data is stored and used raises significant privacy concerns. Experts warn that if exploited, this could lead to targeted cyberattacks and identity theft.
Company Response and Future Implications
Following the audit's findings, DeepSeek has stated that it is investigating the issue and working on a fix to implement end-to-end encryption for sensitive data. However, cybersecurity professionals argue that this incident underscores a broader industry problem where AI-driven apps prioritize functionality over security. Moving forward, regulatory scrutiny on AI applications is likely to increase, and developers may need to adopt stricter security measures to regain user trust.
