Bethany Alvaro 
A new study by Harmonic examined over 20 million GenAI prompts from 1 January to 31 December last year to gather insight into the usage of DeepSeek, a China-based LLM GenAI system that was launched in January last year and has subsequently been banned by seven countries, NASA, and the US Navy due to security concerns.
The research found that the platform had the highest rate of sensitive data exposure compared with other Chinese GenAI tools, with 55 per cent of usage resulting in sensitive data being exposed to a potential security breach.
Of this 55 per cent, code, financial projections, and legal discourse were the top three most sensitive data types being exposed.
Notably, Harmonic points out that, despite DeepSeek’s notoriety, Kimi Moonshot, another Chinese GenAI tool, was able to generate more traffic and become the dominant software.
“DeepSeek grabbed headlines. Kimi quietly captured traffic,” the report said.
“And here’s the twist most security teams miss: DeepSeek isn’t your biggest shadow AI problem. It’s not even close.
“Kimi Moonshot dominates usage volume at roughly 3.5x DeepSeek’s traffic. But when it comes to sensitive data exposure, DeepSeek is disproportionately high.”
The problem this poses for a business, organisation, or government is the fact that the content uploaded to Chinese GenAI software falls under Chinese jurisdiction, and is then able to be accessed by the government due to China’s cyber security laws. This can pose a potential national security and intelligence threat.
Harmonic’s report said that measures such as creating specific China AI policies, blocking general use of data rather than applications, and targeting employee education programs surrounding AI are useful ways to govern China-based AI tools.
As the cyber world marks one year since DeepSeek’s launch, Harmonic said: “DeepSeek’s anniversary marks an inflection point, not an endpoint. Chinese AI development is accelerating. The technical gap continues to narrow.”
“China-based AI governance must become permanent. Not a one-time headline response.”