The world of AI received a huge shakeup this week when DeepSeek overtook ChatGPT as the top-rated free app on Apple’s US App Store. And right on the heels of that announcement was another—the platform was hit by a cyberattack, prompting the platform to limit new registrations.
Artificial intelligence technology is developing and evolving at a rapid pace, making it difficult to stay on top of evolutions and instill the proper security measures to keep systems and data safe.
Let’s take a breath and learn more about what DeepSeek is, what we know about the cyberattack and how it impacts users, and how developers are using this new technology.

1. What Is DeepSeek?
DeepSeek is a direct competitor to current AI leader, which is OpenAI — known best for ChatGPT. DeepSeek’s models are called DeepSeek-V3 and DeepSeek-R1, and they are reported to be equivalent to the most advanced models of both OpenAI and Meta.
The difference is that DeepSeek’s models are reportedly 20 to 50 times cheaper to use when compared to the OpenAI o1 model. These advancements, as well as a very favorable public experience, led to the company disrupting the U.S. technology landscape, resulting in a large dip in the stock market. However, some have expressed public criticism over the company’s metrics and story.
DeepSeek is a Chinese startup based in Hangzhou. Its chat bot has seen a dramatic spike in popularity in the last week, but that’s not all it does.
DeepSeek Coder
A specialized side of DeepSeek can be used for writing code. As stated by DeepSeek themselves:
“DeepSeek Coder comprises a series of code language models trained from scratch on both 87% code and 13% natural language in English and Chinese, with each model pre-trained on 2T tokens.”
This open-source feature is free for research, commercial, and personal use, and it promises state-of-the-art performance.
Its popularity is growing, but recent news of potential data security issues has developers suspicious of the technology.
2. DeepSeek Security Concerns

The platform has already shown itself to be vulnerable to attacks. Earlier this week, DeepSeek announced they would be limiting user registrations because of a series of malicious cyberattacks.
A major concern for developers using DeepSeek Coder is how data is stored and used—particularly if a developer is working with proprietary information.
The DeepSeek privacy policy is very clear about where the information it gathers is stored:
“The personal information we collect from you may be stored on a server located outside of the country where you live. We store the information we collect in secure servers located in the People’s Republic of China.”
The information you feed DeepSeek is recycled to inform its future responses. As stated in the privacy policy:
“We use your information to operate, provide, develop, and improve the Service.”
3. Is DeepSeek Coder Safe?
Organizations that work with sensitive information need strict audit trails for where data is stored and how it is used. Developers working with DeepSeek can’t guarantee that it is handled with the degree of privacy likely dictated by their employers.
The problem is that even if a company establishes that a type of software goes against security policies, team members are still likely to use it if it simplifies their workday; approximately 40% of developers have used generative AI tools without formal approval from their organizations.
Introducing strong security guardrails is the only way to give yourself the best chance at remaining secure while using DeepSeek Coder.
This includes:
- Frequent and comprehensive data backups
- Multiple layers of testing
- Encrypting sensitive data in production environments
- Leveraging static code analysis
New software is likely to experience security concerns as it expands its user base. DeepSeek will likely become even more of a target as it becomes increasingly popular. These concerns need to be addressed internally, but the onus of responsibility falls on users.
Providing developers with an infrastructure tailored toward security gives you the best chance at remaining safe and compliant as DeepSeek continues to refine its models.
Next Step…
DeepSeek is obviously not the first generative AI tool used for software development. These challenges are widespread across the artificial intelligence landscape.
Read our ebook The State of AI Security in Salesforce DevOps to learn how to approach this powerful software as safely as possible.