Suno Breach Exposes 113,000+ Hours of Scraped Music Training Data

SONY3.23%

AI music platform Suno suffered a data breach in 2025 when a hacker using the Shai-Hulud worm infiltrated the company's systems and leaked internal source code revealing the origins of its training data. The leaked files, first reported by 404 Media, document that Suno scraped over 113,879 hours from YouTube Music, 62,117 hours from stock library Pond5, and 12,287 hours from Deezer, among other sources. The intrusion also exposed customer emails, phone numbers, and Stripe payment information for what the hacker describes as hundreds of thousands of users. Suno identified the incident in November 2025 and characterized it as limited, involving primarily outdated source code. The breach provides technical confirmation of allegations the Recording Industry Association of America made in its 2024 lawsuit against Suno, which accused the company of ripping songs directly from YouTube—a claim Suno has contested under fair use defense.

Leaked Source Code Documents Training Data Sources and Scale

The leaked material consists of scraping instructions and internal logs from 2023 and 2024. According to internal file comments reviewed by 404 Media, the training library included 113,879 hours of YouTube Music, 152,162 hours of tagged YouTube tracks, 62,117 hours from Pond5, 12,287 hours from Deezer, and 17,615 hours in a dataset labeled genius_hq associated with material collected through Genius. The code also documented plans to download roughly 1 million hours of podcast audio via RSS feeds. One internal file tracking YouTube Music ingestion alone logged 2,013,545 music clips.

The hacker claims to have used malware called the Shai-Hulud worm, named after the sandworms in Frank Herbert's Dune. Suno, one of the largest AI music generators online, lets users type a text description and receive a full song in seconds. Building that capability required a substantial training dataset—a collection of audio files used to teach the model what different genres and styles sound like.

Suno Acknowledges Breach Involving Customer Records

The hacker claimed to have accessed records associated with hundreds of thousands of customers, including emails, phone numbers, and Stripe-related information. Suno disputes that sensitive personal information was compromised. The company says it identified the incident in November 2025 and called it limited. Suno determined the exposure primarily involved outdated source code no longer in use and concluded that individual customer notifications were not required under applicable privacy laws. Users are finding out about the breach through news coverage.

Suno had already disclosed under California's AB 2013 law that its training data may include music subject to intellectual property protection and listed the corpus at tens of millions of publicly available music audio files. What the hack adds is specificity—the legal filing was vague by design, and the leaked code is not.

RIAA Lawsuit Allegations Corroborated by Leaked Files

The Recording Industry Association of America alleged in a 2025 amendment to its original 2024 lawsuit against Suno that the company was ripping songs directly from YouTube. The suit seeks $150,000 per infringement incident. The hacked source code corroborates the RIAA's central allegation. Suno's case with Sony and UMG remains active in federal court. The company's valuation sits at $5.4 billion with around 100 million users on the platform.

Udio, which was targeted in a parallel lawsuit filed by the same major-label coalition, settled with Warner Music in November 2025 and is transitioning to a licensed platform. In June 2026, The Atlantic published four searchable databases documenting music used to train AI models—one containing 12 million tracks, another with 9 million, and two more with around 100,000 each.

FAQ

What data did the Suno breach expose in 2025?
The breach exposed internal source code documenting that Suno scraped 113,879 hours from YouTube Music, 62,117 hours from Pond5, 12,287 hours from Deezer, and other sources. The hacker also claimed to access customer emails, phone numbers, and Stripe payment information for hundreds of thousands of users.

When did Suno identify the security incident?
Suno identified the incident in November 2025 and characterized it as limited, involving primarily outdated source code no longer in use. The company concluded that individual customer notifications were not required under applicable privacy laws.

How does the breach relate to the RIAA lawsuit against Suno?
The leaked source code corroborates the Recording Industry Association of America's allegation in its 2024 lawsuit that Suno ripped songs directly from YouTube. The suit seeks $150,000 per infringement incident and remains active in federal court with Sony and UMG.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments