Leaked Data Suggests Suno May Have Used YouTube Content to Train Its AI Music Model

A newly surfaced hack suggests that the AI music generator Suno may have scraped YouTube content to help train its music-generation model, raising fresh questions about copyrighted data, AI training practices, and creator rights.

Jul 15, 2026 - 21:30
 9
Leaked Data Suggests Suno May Have Used YouTube Content to Train Its AI Music Model
Image Credits: Suno

AI music generation startup Suno has reportedly suffered a security breach, according to a report published by 404 Media.

The individual behind the hack told the publication that they carried out a supply chain attack in November, gaining access to an employee’s credentials. That access allegedly exposed internal source code suggesting Suno collected decades of audio content from platforms including YouTube Music, Deezer, Genius, podcast RSS feeds, and stock music libraries to train its AI models.

Suno has previously acknowledged that its AI systems are trained using “publicly available music files” found across the internet, maintaining that such use is protected under the fair use doctrine of U.S. copyright law. However, the major record labels currently suing the company argue that deliberately bypassing YouTube’s protections against automated data scraping violates the Digital Millennium Copyright Act (DMCA) as well as YouTube’s terms of service.

Suno is not the only AI music company facing such allegations. Rival Udio has also been accused of scraping YouTube content for AI training purposes. Meanwhile, Google, which owns YouTube, continues to face multiple copyright lawsuits from major book publishers over claims that copyrighted material was used to train its AI systems. According to the report, the attacker also gained access to customer information, including email addresses, phone numbers, and partial credit card details stored through Stripe.

Suno did not notify customers about the November 2025 security breach. The company has described the incident as a “limited security incident that was quickly contained.”

What's Your Reaction?

Like Like 0
Dislike Dislike 0
Love Love 0
Funny Funny 0
Angry Angry 0
Sad Sad 0
Wow Wow 0
Shivangi Yadav Shivangi Yadav reports on startups, technology policy, and other significant technology-focused developments in India for TechAmerica.Ai. She previously worked as a research intern at ORF.