How Suno AI Trained On Scraped YouTube And Deezer Songs

3

It is out. No more guessing games about how those viral AI tracks sound so uncanny.

A breach of Suno’s source code just dropped. It reveals exactly what fed the model. The data isn’t synthetic. It’s millions of real songs. Stolen. Scraped. Accumulated from the platforms you actually use.

Why the Suno source code hack matters for copyright

The hacker, known online as ellie.191, exploited a supply chain vulnerability in November 2021. The payload opened a backdoor to old directories. 404 Media got their hands on the screenshots. The timestamps confirm this isn’t new tech from yesterday. This training data goes back to 2023 and ongoing into 2024.

The folders don’t lie.

One directory named “youtube_music” held over 2 million audio clips. Another file tracked 17,000+ hours of content scraped directly from Genius HQ. The Deezer streams account for another 12,000+ hours. Pond5 —owned by Shutterstock—contributed more than 62,0 Universal Music Group sued Suno months ago.

“Suno’s music generative models are trained on publicly accessible music files…”

They claimed the internet was open for the taking. They claimed “fair use.” But fair use is a legal shield, not a permission slip. Not when you are ingesting the lifeblood of entire studios without a dime changing hands.

The hacker didn’t just grab the music. They got customer records. Payment details stored with Stripe.

Suno moved fast on the PR side. They told CNET it was “outdated code.” They said it wasn’t used in their current pipeline. They argue no sensitive personal info was compromised enough to trigger mandatory user notifications. That feels convenient. Too convenient. It is a black box company pointing at an empty server rack.

Who really owns AI music training data

The industry is breaking.

Big labels—Universal, Sony, Warner—they represent the giants. Their lawsuits say Suno took copyrighted material without consent. No license. No deal. Just taking.

Suno pushes back. They point to court rulings that helped Meta and Anthropic survive similar claims last summer. They say the precedent protects them. But precedent changes. Laws are written in ink. Code is written in silicon. The latter is easier to scrape. The harder to police.

Have you noticed the style filters?

You cannot ask Suno for a song that sounds like Taylor Swift. They built guardrails against deepfakes. Explicit copying is blocked. But the model knows the sound because it heard it. 62,00 hours of it. It learned the texture of the theft before it learned how to mimic the result.

It creates cheap imitations. People call it slop. Artists call it existential.

How the supply chain attack worked

ellie.191 didn’t guess a password. They poisoned the chain. A compromised package. A trusted dependency updated with malware. It is how these things happen. Always.

The breach happened late 2023. The code accessed in late 2021 is a ghost. Or Suno says it is. The data inside proves the scale. The source code is static. The accusations are dynamic.

The legal teams call the leak “not materially new.” Suno posted their training methods online already. Sure. A vague sentence about “third-party websites.” Not a list of folders containing two million clips of YouTube Music streams. Not the exact hours pulled from Genius lyric pages.

Specifics are the enemy of ambiguity. This hack provided specifics.

The creative industry is at war. Tech executives want to democratize creation. Musicians want to keep their copyright. Neither side is moving. The servers spin. The models learn.

Did the breach stop them? No. Suno still operates. The lawsuits still drag on.

The songs still play.

Someone’s voice. Someone else’s song. Now just a ghost in the machine.