cd /news/artificial-intelligence/suno-hack-shows-how-youtube-music-de… · home topics artificial-intelligence article
[ARTICLE · art-60914] src=variety.com ↗ pub= topic=artificial-intelligence verified=true sentiment=↓ negative

Suno Hack Shows How YouTube Music, Deezer and Genius Data Trained AI Music Generator’s Models

A hacker revealed that AI music generator Suno scraped millions of songs from YouTube Music, Deezer, and Genius to train its models, according to a 404 Media report. The breach also exposed customer emails, phone numbers, and payment details, though Suno said it was quickly contained and no sensitive user information was compromised. The disclosure provides rare insight into the training data behind Suno's product, which faces multiple copyright lawsuits from record labels.

read3 min views1 publishedJul 15, 2026
Suno Hack Shows How YouTube Music, Deezer and Genius Data Trained AI Music Generator’s Models
Image: Variety (auto-discovered)

Suno has long acknowledged that its AI music generator relied on the scraping of millions of songs available across the internet, but a new hack reveals just how the company pulled from streaming services and websites such as YouTube Music, Deezer and Genius to power its product — all while user information remained vulnerable.

A report in 404 Media on Wednesday, relying on data a hacker provided to the outlet, showed the instructions in the company’s source code had it scrape files from “genius_hq, youtube_music, freesound, jamendo, imp, deezer,” with the stock music libraries Freesound, Jamendo and the International Music Score Library Project among the other sources scraped. The instructions demanded that “non-music” be filtered out. The hacker also had access to Suno’s customer list, which included emails, phone numbers and Stripe payment details, according to the report.

Popular on Variety

Representatives for Deezer, YouTube Music, Genius, and the stock libraries scraped did not respond to immediate requests for comment.

A Suno spokesperson said the hack was “quickly contained” after the company learned about it in November 2025 and that it primarily exposed “outdated source code that is no longer in use at Suno.” The spokesperson said no sensitive user information was compromised, as the company does not retain full credit card numbers, and that due to the limited breach, it didn’t feel obligated to notify its user base.

“As we have stated in public filings and disclosures, Suno’s AI models have been trained on publicly available music files and related metadata accessible on third-party websites on the open Internet,” the spokesperson said.

One file focused on YouTube Music noted it took in “2,013,545 music clips” at the time it was last updated, while another file’s comments about Suno’s datasets included “113,879 hours of youtube_music,” “17,615 hours of genius_hq,” “410 hours of free sound,” “19,514 hours of imslp,” “3,726 hours of jamendo,” “62,117 hours of pond5_music,” “12,287 hours of deezer,” “152,162 hours of ytm_tagged” and “103 hours of musescore_lyrics,” according to the 404 Media report.

The hack provides a rare glimpse into just how AI music generators train their products, a process that has fueled several copyright infringement lawsuits against the company by record labels, including Universal Music Group and Sony Music Entertainment, and the Recording Industry Association of America, which represents the recording industry, all while earning it derision from several artists. (Warner Music Group settled its lawsuit with Suno last year, and the two are currently developing a new model of the music generator.)

Suno has acknowledged in both the filings and its website that its product was trained on “essentially all music files of reasonable quality that are accessible on the open Internet, abiding by paywalls, password protections, and the like, combined with similarly available text descriptions,” though it has claimed such use is protected under fair use law and that it has introduced to prevent its users from producing songs similar to those scraped through the training.

“Our goal has always been to help people create original new music, not replicate someone else’s. That’s why we build our models around what we call ‘Original Creation, By Design,’” the spokesperson said in a statement. “For example, we intentionally do not use artist names as a category of training metadata because we want our models to help people create brand new songs, not music that replicates other artists’ existing work. It’s also why we built Suno with detection filters that block or prevent a user from using specific artist, song, or album names as prompts, and prevent users from up lyrics or sound recordings that match existing works.”

── more in #artificial-intelligence 4 stories · sorted by recency
── more on @suno 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/suno-hack-shows-how-…] indexed:0 read:3min 2026-07-15 ·