Suno AI Breach Reveals 358,000 Hours of Music Training Data

John NadaBy John Nada·Jul 16, 2026·3 min read
Suno AI Breach Reveals 358,000 Hours of Music Training Data

Suno's breach exposed 358,000 hours of scraped music data, fueling legal battles over copyright in AI training.

Suno, a prominent AI music platform, finds itself in the spotlight after a hacker using the Shai-Hulud worm leaked sensitive data showing how extensively the company scraped audio content from major platforms. In this 2025 breach, Suno's source code unveiled the use of 113,879 hours from YouTube Music, 62,117 hours from Pond5, and 12,287 hours from Deezer, as reported by Decrypt.

The hacker also claimed to have accessed extensive customer information, including emails, phone numbers, and Stripe payment data, affecting potentially hundreds of thousands of users. Suno disputes that sensitive personal information was compromised and insists the breach involved outdated code. Nevertheless, the breach has raised significant concerns about the security measures and data handling practices of major AI platforms.

This incident underscores the tension between AI innovation and intellectual property rights, a conflict simmering since Suno's 2024 court scuffles began. The Recording Industry Association of America (RIAA) had alleged in its lawsuit that Suno was unlawfully ripping tracks from YouTube, a claim now supported by the leaked source code. The RIAA's lawsuit seeks damages of $150,000 per infringement, highlighting the potentially vast financial repercussions for Suno.

Beyond music, the breach also revealed Suno's ambitions to broaden its data collection to include approximately 1 million hours of podcast audio via RSS feeds. This expansion into podcasting further stokes the debate over the boundaries of fair use and the ethical sourcing of training data, particularly as the lines between personal and public data become increasingly blurred in the digital age.

Financially, this throws a spotlight on the precarious balancing act technology companies must perform between innovation and legality. As Suno grapples with ongoing legal challenges from Sony and UMG, the implications of this breach could ripple through the AI music industry. Suno's valuation, reported at $5.4 billion, and its user base of around 100 million, underscore the high stakes involved.

The breach also sends ripples through the broader AI industry, drawing attention to similar practices by other companies. Udio, another AI music platform, faced a parallel lawsuit and settled with Warner Music, highlighting the growing scrutiny on AI-generated music and its reliance on copyrighted content.

Suno did not immediately respond to a request for comment by Decrypt. However, the ongoing legal battles and the revelations from the breach are likely to keep the company in the public eye, as both industry stakeholders and consumers alike grapple with the implications of AI's role in the creative arts.

As the industry continues to evolve, the Suno breach serves as a cautionary tale about the potential risks and responsibilities associated with leveraging vast datasets to power AI technologies. With the legal landscape still developing around AI and intellectual property, companies like Suno must navigate these waters carefully to avoid costly and damaging consequences.

Scroll to continue