The Great AI Data Leak: Live Map of Exposed Corporate Vector Databases

This is not a port scan. Every database plotted on this map returned HTTP 200 OK to an anonymous request — no API key, no IAM role, no authentication of any kind. These are verified unauthenticated exposures of AI infrastructure on the public internet, discovered through passive Shodan banner-grab analysis. EchelonGraph sends zero packets.

Exposed Database Types Under Active Monitoring

• Milvus — Open-source vector database for AI/ML similarity search. Commonly deployed without authentication in development environments that leak to production.
• Qdrant — High-performance vector search engine. Default configuration exposes REST API on port 6333 without authentication.
• ChromaDB — AI-native embedding database used in RAG pipelines. Frequently exposed on port 8000 with full read/write access.
• Weaviate — Vector search engine with GraphQL API. Unauthenticated instances expose complete knowledge graphs.
• Ollama — Local LLM inference server. When exposed publicly, allows arbitrary model execution and prompt injection.
• LangServe — LangChain deployment framework. Exposed instances reveal complete AI agent chain configurations and tool access.

Why Perimeter Security Fails for AI Infrastructure

Traditional perimeter security was designed for monolithic applications with predictable network boundaries. AI infrastructure breaks this model fundamentally: vector databases store high-dimensional embeddings that encode proprietary business logic, customer data, and model weights. When a junior developer spins up a Milvus instance to "get it working quickly" and forgets to enable authentication, the result is not just an open port — it is a complete data exfiltration surface.

Attackers can extract embeddings, poison training data, steal model configurations, and execute destructive operations — all without triggering traditional IDS/IPS alerts because the requests look like legitimate API calls returning 200 OK.

Secure Your AI Infrastructure with Zero-Knowledge Telemetry

EchelonGraph's Zero-Knowledge Telemetry Processing provides continuous visibility into your AI infrastructure without ever accessing your data. Detect unauthenticated exposures, misconfigured vector databases, and shadow AI deployments before attackers find them. Unlike traditional scanners, EchelonGraph operates at the telemetry layer — your data never leaves your environment.