Skip to content
This week I recommend: Neural Frames
The AI Musicpreneur
AI Music News

Suno hack exposes source code showing it scraped YouTube Music, Deezer, and Genius

3 min read Published By Christopher Wieduwilt
Suno brand graphic reading Make any song you can imagine, from the AI music generator hit by a source code hack
Image: Suno

A hacker broke into Suno and walked out with the source code behind one of the biggest AI music generators on the internet. On July 15, 2026, 404 Media reported that the leaked data spells out where Suno pulled its training material: YouTube Music, Deezer, Genius, and a stack of stock and podcast libraries. The same breach exposed data on hundreds of thousands of paying customers.

For two years Suno has fought the record industry over how it trained its models. The leak answers the question its lawyers kept sealing.

What the leaked Suno source code shows

The hacker shared Suno’s training-library data with 404 Media. The code lists the sources Suno scraped for songs and lyrics: YouTube Music, Deezer, and Genius, plus the stock libraries Pond5, Jamendo, and Freesound, the International Music Score Library Project, and podcasts pulled through RSS feeds. Digital Music News, reviewing the same data, reported the hour counts for each source.

Leaked Suno source code listing training-data hours scraped from YouTube Music, Genius, Deezer, Pond5, Jamendo, and IMSLP
The leaked Suno prep_data code, showing hours of audio pulled per source. Image: 404 Media

The breach went past training data. The hacker said they reached Suno’s customer records too, including emails, phone numbers, and Stripe payment details for hundreds of thousands of users.

Suno played it down. A spokesperson told 404 Media the company learned of the breach in November and contained it quickly.

Outdated source code that is no longer in use at Suno.
— Suno spokesperson, to 404 Media

The company said no sensitive user information was compromised because it does not retain full credit card numbers, and that it did not feel obligated to notify users given the limited breach.

Why the leak lands in the middle of Suno’s lawsuits

Suno is defending itself against the major labels, who accuse it of training on copyrighted songs and are seeking damages that could reach $9 billion. In court, Suno already admitted it trained on “essentially all music files of reasonable quality” on the open internet. That admission was abstract. The leak attaches names and hour counts to it.

One name in the leak is already a plaintiff. Jamendo, the Creative Commons music platform, is separately suing Suno over training data, and its library shows up in the scraped sources. A class action from independent artists is running in parallel.

Frequently asked questions

What did the Suno source code hack reveal about its AI training data?

Leaked source code showed Suno scraped decades of music and podcasts to train its models, including 113,879 hours from YouTube Music, 17,615 hours from Genius, and 12,287 hours from Deezer. It also pulled from the stock libraries Pond5, Jamendo, and Freesound, the International Music Score Library Project, and podcasts through RSS feeds.

How did Suno respond to the 2026 source code breach?

Suno said it learned of the breach in November and quickly contained it. A spokesperson said the leak mostly exposed outdated source code no longer in use, claimed no sensitive user data was compromised, and said the company did not notify users because it considered the breach limited.

Was Suno customer and payment data exposed in the hack?

The hacker said they accessed data on hundreds of thousands of customers, including emails, phone numbers, and Stripe payment details. Suno said it does not retain full credit card numbers and that no sensitive information was compromised.

How does the Suno hack affect the record labels' copyright lawsuits?

The leak names the exact sites Suno scraped and how many hours it took from each, which is what the record labels suing Suno have long alleged. Suno already admitted in court that it trained on essentially all music on the open internet, so the leaked detail could surface as evidence in those cases.

About the author

Photo of Christopher Wieduwilt

Christopher Wieduwilt

AI Music Educator & Journalist

Covering AI music tools, industry shifts, and news for music creators and professionals. Twice-weekly newsletter at aimusicpreneur.com.

Share this article

Free newsletter

The AI music tools & news worth your time — 2× a week, read by 2,000+ pros.