Tech and Telecom

Suno AI Music Generator Allegedly Stole Millions of Songs for Training

A hacker reportedly breached AI music company Suno and shared internal source code and training-library details that show how the company gathered music, lyrics, and podcasts to train its AI music generator.

According to 404 Media, the hacked material included source code from 2023 and 2024, along with scraping instructions for sources such as YouTube Music, Deezer, Genius, Pond5, Jamendo, Freesound, and podcast RSS feeds.

Millions of Songs

The report said one file listed several sources, including YouTube Music, Genius, Deezer, Freesound, Jamendo, and other music libraries.

Ad Powered By Advergic
Loading ad . . .
Ad - Continue scrolling to read

Another file named “youtube_music” reportedly stated that Suno had ingested more than 2 million music clips from YouTube Music. Other internal comments cited by 404 Media referred to large datasets, including more than 113,000 hours from YouTube Music, more than 62,000 hours from Pond5 Music, more than 17,000 hours from Genius, more than 12,000 hours from Deezer, and more than 3,700 hours from Jamendo.

The hacked data also reportedly showed code that searched YouTube for acapella versions of songs, suggesting Suno was looking specifically for vocal tracks.

Podcasts Were Also Targeted

The report said Suno also used PodcastIndex to identify podcasts for possible scraping.

According to 404 Media, the code identified around 420,000 podcasts that had at least five episodes of 30 minutes or more. It then sought to download roughly 1 million hours of podcast audio.

The hacked material also reportedly showed that Suno used proxy services from Bright Data to scrape content from YouTube.

Lawsuits Already Accuse Suno of Copyright Infringement

The leak comes as Suno is already fighting major lawsuits from the music industry.

The Recording Industry Association of America and major record companies sued Suno and Udio in 2024, accusing them of using copyrighted songs to train their AI music systems without permission. The RIAA also accused Suno of ripping songs directly from YouTube.

Suno has argued that its models were trained on publicly available music files and metadata, and that this use is protected by fair use.

The hacked data reported by 404 Media could add new pressure to that legal fight because it appears to show more detail about the scale and sources of Suno’s training material.

Hacker Claims Breach Used Shai-Hulud Worm

The hacker, who used the name ellie.191, told 404 Media that they breached Suno by hacking an individual employee through the Shai-Hulud worm.

The worm was described as a supply-chain attack that allowed hackers to collect GitHub and cloud-service credentials. The hacker said they had no specific motive for targeting Suno and claimed they simply liked hacking “anything and everything.”

Customer Data Accessed

The hacker also claimed to have accessed Suno’s customer list.

According to the report, the exposed data included customer emails or phone numbers and some Stripe payment-related details, depending on how users signed in. 404 Media said some customers in the sample confirmed that they had used their phone numbers to sign up for Suno and said they had not been notified of a breach.

Suno reportedly said the breach involved outdated source code and that no sensitive personal data or full credit card information was exposed. The company also said Stripe handled payment processing.

Fresh Scrutiny for AI Music Training

The breach gives a rare look at how one of the largest AI music generators may have built its training libraries.

For Suno, the timing is difficult. The company is already facing legal pressure from record labels, while artists and rights holders continue to question whether AI music tools should be allowed to train on copyrighted songs without licenses.

For the wider AI industry, the report raises the same core question again: whether scraping public online content for model training can be treated as fair use, or whether companies need permission from the creators and platforms that host the material.

Stay Connected with ProPakistani

Get the latest tech news, telecom insights, and product launches wherever you prefer.

Add ProPakistani to Preferred Sources and see more of our stories in Google Search and Top Stories.

Share
Published by
Afaq Wajdan Malik