Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124

Suno data obtained in the hacking incident revealed that the AI music generator was trained by extracting millions of songs and lyrics from online audio platforms, including YouTube Music, Deezer and Genius. 404 media Reports. Since Suno has avoided revealing the contents of its training datasets and how they were obtained, this is a rare glimpse into what Suno has in store In reality Taken from online platforms.
This is important because Suno has been the subject of several lawsuits alleging that he used it Copyrighted materials To train its own AI models. in Notable condition Provided by the Recording Industry Association of America (RIAA), Sonu admitted publicly They do so, arguing that training on copyrighted materials and publicly available music files from the open Internet is legally permissible under the doctrine of fair use. Whether the court agrees or not, the amendment filed by the RIAA last year also alleges that Suno unlawfully circumvented YouTube’s copyright protections by intentionally “Copy Stream” paths. From the platform.
Materials shared with 404 media By the hacker, referred to as “elli.191”, who is said to support these claims. The data includes Suno source code from 2023 and 2024, along with instructions for extracting audio files from YouTube Music, Deezer, Genius, Pond5, Jamendo, Freesound, and the International Music Library Project (IMSLP). Other leaked code reportedly indicates that Suno used a third-party company called Bright Data to extract music from YouTube, and apparently searched for a cappella versions of songs on the platform for an audio-only source.
The YouTube Music profile indicates that Suno had consumed 2,013,545 YouTube Music tracks when it was last updated. According to another filing, the data sets collected by Suno included hundreds of thousands of hours of YouTube Music, thousands of hours of Deezer, Genius, IMSLP, Jamendo, and Pond5, and hundreds of hours of Freesound and MuseScore lyrics. Suno also sought to download nearly 1 million hours of podcasts via an online tool called PodcastIndex, according to additional code.
“As we stated in public filings and Disclosures“Suno’s AI models have been trained on publicly available music files and related metadata that are accessible on third-party sites on the open Internet,” an unnamed Suno spokesperson said in a statement to Suno. 404 media.
The hacker also gained access to Suno’s customer information, which included email addresses, phone numbers and Stripe payment details. Some of the clients that contacted them 404 media They confirmed they had signed up for the service, and said Suno never notified them about any security breach.
In a statement to 404 mediaA Suno spokesperson said the company became aware of a security incident in November 2025, and the situation was quickly contained.
“At that time, we immediately investigated and verified that the incident primarily related to legacy source code that was no longer in use at Suno and that no sensitive personal information had been compromised. “Importantly, Suno does not have access to Stripe customers’ full credit card numbers,” a Suno spokesperson said. “Based on the limited nature of the customer information believed to be involved, we determined that individual notifications were not warranted under applicable privacy laws.”