A hacker exposed Suno’s training data and user details
A security breach has revealed that Suno, a major AI music generator, scraped millions of songs and lyrics from YouTube Music, Deezer, Genius, and several stock libraries including Pond5, Jamendo, Freesound, and the International Music Score Library Project. The hacker also accessed information for hundreds of thousands of Suno customers and their Stripe payment data.
This information provides a rare look at how the company built its models. Suno has faced multiple lawsuits from the record industry over copyright. In previous legal filings, Suno admitted to training on “essentially all music files of reasonable quality that are accessible on the open internet,” a figure it described as “tens of millions of recordings.” The company argues this training falls under fair use, a claim settled in one case.
The leaked files confirm the Recording Industry Association of America’s accusation that Suno ripped songs directly from YouTube. Source code found in the breach includes instructions for scraping specific platforms. Comments within one file list targets such as “genius_hq,” “youtube_music,” and “deezer,” noting that non-music content would be filtered out. Another file details that the “youtube_music” dataset had ingested 2,013,545 music clips.
The code further breaks down the volume of data collected. Figures show the ingestion of 113,879 hours of YouTube music, 17,615 hours from Genius, 410 hours from Freesound, 19,514 hours from IMSLP, 3,726 hours from Jamendo, 62,117 hours from Pond5, 12,287 hours from Deezer, 152,162 hours from YouTube tagged content, and 103 hours from MuseScore lyrics. This totals decades of audio. The data suggests the company also targeted podcasts via the PodcastIndex tool, seeking to download roughly 1 million hours from 420,000 different podcasts that had at least five episodes of 30 minutes each.
“For Suno specifically, this process involved copying decades worth of the world’s most popular sound recordings and then ingesting those copies into Suno’s AI models so they can generate outputs that imitate the qualities of genuine human sound recordings,” the RIAA wrote in its lawsuit.
Additional code indicates the use of proxies through a company called Bright Data to access YouTube. There is also evidence Suno used Bright Data to find acapella versions of songs. The method used to scrape other platforms, such as Pond5 and Genius, is not fully clear from the files. Pond5, owned by Shutterstock, hosts 2.5 million tracks, and Suno’s data suggests a substantial portion of this library was accessed. Genius allows Apple Music subscribers to play samples but does not host full songs directly.
In a statement, a Suno spokesperson said the company had been the subject of a “limited security incident” in November 2025 that was quickly contained. They claimed the breach involved outdated source code no longer in use and that no sensitive personal information was compromised. Suno stated it does not have access to customers’ full credit card numbers in Stripe. Because of this, the company decided individual notifications were not warranted under privacy laws. A training data disclosure required by California law was also sent.
404 Media has previously reported on leaked materials showing Nvidia and Runway ML scraping YouTube. AI companies generally no longer deny training on copyrighted material, instead arguing fair use protections. Last month, The Atlantic reported on several music databases used in AI training that consist of millions of tracks distributed as links to songs on YouTube or Spotify. It is unclear if Suno used any of these specific datasets.
The Suno spokesperson added that the company works to prevent users from generating songs that sound like existing works. One of the main points in the lawsuits was that Suno could output songs nearly indistinguishable from existing ones. “Our goal has always been to help people create original new music, not replicate someone else’s,” the spokesperson said. “That’s why we build our models around what we call ‘Original Creation, By Design.’ For example, we intentionally do not use artist names as a category of training metadata because we want our models to help people create brand new songs, not music that replicates other artists’ existing work.”
Mikey Shulman, the CEO and founder of Suno, said on a podcast last year that he believes the majority of people do not enjoy the majority of the time they spend making music.
What it means
For musicians and listeners, this confirms the scale of data used to train these tools. The code shows a systematic approach to harvesting audio, including specific searches for acapella versions to isolate vocals. The use of services like Bright Data and PodcastIndex highlights the automated nature of this collection. While Suno claims the breach involved outdated code, the existence of these files proves the scraping methods were active. The company’s stance that they do not store full credit card numbers limits the immediate financial risk to users, but the exposure of user accounts remains a significant privacy issue.




