Key Takeaways
- Hacker breached Suno AI music company and shared internal source code.
- Reported data includes details on scraping millions of songs from various sources.
- Legal battles with major record companies already underway.
A hacker has reportedly stolen vast amounts of copyrighted material, including over two million song clips, from the AI music company Suno. According to a report by 404 Media, the breach exposed internal source code and training-library details that detail how Suno gathered music, lyrics, and podcasts for its AI music generator.
The leaked data revealed extensive scraping instructions for platforms such as YouTube Music, Deezer, Genius, Pond5, Jamendo, and Freesound. One file reportedly listed more than 2 million music clips from YouTube Music alone. Additionally, the hacked material indicated that Suno had ingested over 113,000 hours of data from YouTube Music, with similar large datasets from other sources.
Podcasts were also targeted by Suno’s AI training process. The report stated that the company used PodcastIndex to identify around 420,000 podcasts and sought to download approximately one million hours of podcast audio. The hacker claimed to have accessed Suno's customer list, which included emails or phone numbers and some Stripe payment-related details.
The leak comes at a time when Suno is already facing major legal challenges from the music industry. In 2024, the Recording Industry Association of America (RIAA) and several major record companies sued Suno and Udio for using copyrighted songs to train their AI systems without permission. The RIAA accused Suno of directly ripping songs from YouTube.
Suno has argued that its models were trained on publicly available music files and metadata, with the claim that this use is protected by fair use. However, the leaked data could add new pressure to these legal disputes as it appears to show more detailed information about the scale and sources of Suno’s training material.
The hacker, who used the name ellie.191, claimed they breached Suno through a supply-chain attack using the Shai-Hulud worm. They stated that their motive was simply to hack 'anything and everything.' The breach also reportedly exposed customer data, including emails or phone numbers and some payment details.
Suno has not yet commented on the extent of the breach or its impact on operations. However, the company is likely to face increased scrutiny from both legal authorities and consumers as a result of this leak.




