Thursday, 16 July 2026 Login

Spreadsheets. Data. Now.

BREAKING
Productivity Hacks

Hacker exposes Suno’s song-scraping methods

Hacker exposes Suno’s song-scraping methods - song scraping
Hacker exposes Suno’s song-scraping methods

Suno confirmed a security breach last November that exposed internal details about how it collected millions of songs for training data. The hacker accessed source code and customer records, though the company stated no sensitive personal information was compromised.

How the breach unfolded

The hacker told reporters they infected a Suno employee’s device with a worm, gaining access to GitHub and cloud service credentials. Along with outdated source code, the intruder obtained data on the company’s music-scraping methods and a customer list containing hundreds of thousands of email addresses and phone numbers.

Suno contained the incident quickly and said no full credit card numbers—processed through Stripe—were exposed. Since the leaked customer data was limited, the company decided individual notifications weren’t required under privacy laws.

Details revealed about Suno’s training data

The exposed data showed Suno scraped music and lyrics from YouTube Music, Deezer, Genius, and stock music libraries. The company may have used proxy services to pull audio from YouTube, including acapella tracks, and RSS feeds to collect hundreds of thousands of podcasts.

This isn’t the first time Suno’s data practices have drawn attention. In a 2024 court filing, the company admitted to scraping tens of millions of recordings from the internet, arguing its approach qualified as fair use. Suno has faced a copyright infringement lawsuit from record labels in the US. Late last year, Warner Music Group dropped out of the case as it reached a licensing deal with Suno.

Related: Starlink unveils smaller home dish

AI music tools have sparked debates over copyright and creativity. Suno and similar platforms claim their models learn from publicly available material, while artists and labels argue the practice violates their rights. The breach doesn’t resolve the dispute, but it reveals how one of the most prominent companies in the field built its dataset.

A spokesperson stated the models were trained on publicly available music files and related metadata from the open internet. The company also noted it has systems to prevent users from replicating existing artists’ work, though critics say those protections are easily circumvented.

The hacker’s findings match broader investigations into AI training datasets. One report identified collections containing millions of songs used to train music-generation models, raising concerns about transparency and consent in AI development.

The breach appears contained, but the controversy over Suno’s data practices continues.

For now, the company faces ongoing scrutiny.

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *