Suno Data Breach Reveals Scale of AI Music Scraping
Suno suffered a security breach exposing source code and evidence that the AI music platform scraped millions of files from services like YouTube Music and Deezer.
A November 2025 security breach at Suno exposed source code and data revealing the scale of music scraping used to train its generative AI models. Leaked data obtained by 404 Media from a hacker using the pseudonym Ellie.191 indicates that the company scraped millions of clips and hundreds of thousands of hours of audio. These sources included YouTube Music, Deezer, Genius, Pond5, Jamendo, Freesound, and the International Music Score Library Project.
The breach also exposed customer emails, phone numbers, and Stripe payment records for hundreds of thousands of users. Suno stated the incident was quickly contained and denied that full credit card numbers were compromised.
These revelations arrive as Suno faces copyright infringement lawsuits from the Recording Industry Association of America and major labels including Sony Music Entertainment and Universal Music Group, who allege the service illegally replicates artist styles. While Suno recently reached a deal with Warner Music Group, the company continues to defend its practices by claiming training on publicly available internet files constitutes fair use.
Adding political pressure to the legal battles, Australian Prime Minister Anthony Albanese recently characterized the unauthorized use of creative work to train AI as theft, asserting that artists must retain ownership and control of their output.