Guozhen AIGlobal AI field notes and model intelligence

Realtime AI News

Suno Hack Reveals AI Music Generator Scraped YouTube Audio for Training

A hacker gained access to Suno's source code through a supply chain attack, revealing evidence that the AI music generator scraped decades of audio from YouTube Music, Deezer, and other platforms. The breach exposes Suno's training data practices at a time when the company faces copyright lawsuits from major record labels.

Published
黑客入侵Suno曝光训练数据来源:大量抓取YouTube音频
Image source: techcrunch.com

AI music generation company Suno was hacked, with the attacker obtaining internal source code that revealed how the company sourced audio data for training its AI models. According to a TechCrunch report, the hacker used a supply chain attack in November 2025 to access an employee's credentials, then accessed source code showing how Suno allegedly scraped decades of audio from YouTube Music, Deezer, Genius, stock music libraries, and podcast RSS feeds.

Suno has previously maintained that it trains its AI on publicly available music files and argues it can use copyrighted material under the fair use doctrine. However, the leaked evidence suggests Suno may have deliberately circumvented YouTube's protections against data scraping, potentially violating the Digital Millennium Copyright Act (DMCA) and YouTube's terms of service.

The hacker also accessed customer data, including partial credit card numbers stored in Stripe. Suno did not notify customers about the November 2025 breach and later described it as a limited security incident that was quickly contained.

This revelation comes at a critical time as Suno faces active lawsuits from major record labels accusing the company of using copyrighted music without permission for AI training. The leaked evidence could strengthen the labels' case and weaken Suno's fair use defense.

Notably, competitor Udio has also been accused of scraping YouTube data, and even Google, YouTube's parent company, faces similar allegations. This suggests the AI music industry's data sourcing practices extend well beyond a single company.

For the broader industry, the Suno hack highlights the risks of operating in the gray area of AI training data. Security vulnerabilities can expose practices that companies prefer to keep confidential, potentially reshaping legal and regulatory landscapes.

Going forward, attention will focus on whether this breach accelerates the record labels' litigation, prompts regulatory scrutiny of AI training data sources, and forces Suno to reconsider its data acquisition strategy.

Why it matters

The Suno breach exposes its YouTube scraping practices at a critical juncture in copyright litigation, potentially shifting the legal landscape for AI music training data.

SunoAI MusicTraining DataCopyrightSecurity
Back to AI Daily

Nearby Updates

All