Back to News Wire
Industry Source-backed article

Suno Hack Exposes YouTube and Deezer Scraping for AI Training

Published Jul 17, 2026 By Matt White
Suno Hack Exposes YouTube and Deezer Scraping for AI Training

Image via edm.com

TL;DR

A security breach at AI music platform Suno has exposed internal data showing the company allegedly scraped millions of audio clips from YouTube Music, Deezer, Genius, and stock audio libraries to train its song-generating models. The leaked files, dating to 2023 and 2024, appear to corroborate allegations in ongoing lawsuits from the RIAA and major labels that Suno trained on copyrighted material without authorization.

“decades worth of music and podcasts from the internet to train its AI tool”

“limited security incident that was quickly contained”

“outdated source code that is no longer in use”

Leaked Files Detail Training Data Sources

Internal data obtained by 404 Media through a breach of Suno, the AI music platform that generates full tracks from text prompts, reveals how the company assembled recordings behind its song-generating models. According to the report published this week by 404 co-founder Jason Koebler, the files were provided by a hacker who claimed they infiltrated Suno's systems.

The material, which appears to date to 2023 and 2024, outlines how the startup allegedly pulled audio from YouTube Music, Deezer, Genius, and several stock audio libraries including Pond5, Jamendo, and Freesound. Internal metadata identified in the leaked code references datasets that ingested more than two million individual clips from YouTube Music alone. Together with tens of thousands of additional hours drawn from Genius and the sheet music archive IMSLP, the haul amounts to what the outlet called decades worth of music and podcasts from the internet.

Legal Battles Over Training Practices

Suno has faced significant legal scrutiny over its training practices. The company is currently fighting a lawsuit filed in the summer of 2024 by the RIAA alongside Sony, UMG, and Warner, alleging that its models were developed using millions of copyrighted recordings without authorization. Suno has not disputed that it trained on copyrighted material, but has argued in court filings that doing so is protected under fair use.

The 404 reporting appears to corroborate the RIAA's allegations, which accused Suno of extracting audio directly from YouTube in violation of the platform's terms. The data also indicates that Suno searched specifically for isolated vocal tracks, such as acapella versions of songs posted to YouTube. The company also allegedly relied on infrastructure from Bright Data, a firm that sells web-scraping tools and proxy services, to carry out the downloads.

Timing and Industry Fallout

The timing compounds pressure on Suno as artists are currently sounding off en masse after The Atlantic released its AI Watchdog database, an investigative tool that enables artists to search and discover whether their songs were among more than 21 million circulated among AI developers without their consent. While Suno was not explicitly named in that database, the company's standing as a $5.4 billion tech unicorn embroiled in more than a dozen copyright lawsuits has entrenched it as a prominent adversary.

In a statement, a Suno spokesperson said the company had determined in November that it had been the target of what it called a limited security incident that was quickly contained. An internal investigation, the rep added, found that the exposed material was largely outdated source code that is no longer in use.

Matt White

Matt White

EDM Source Editor

Reporting on the latest in the electronic dance music community with verified accuracy.

Community Signals

> No signals detected on this frequency.