Cryptocurrency Prices by Coinlib

Leaks Reveal Suno Fed Hundreds of Hours of Deezer, YouTube and Pond5 Knowledge Into Its AI – Decrypt

Briefly
A hacker utilizing the Shai-Hulud worm breached Suno in 2025 and leaked supply code exhibiting the platform scraped over 113,000 hours from YouTube Music, 62,000 from inventory library Pond5, and 12,000 from Deezer, amongst different sources.
The identical intrusion reached buyer emails, cellphone numbers, and Stripe cost information for what the hacker describes as a whole lot of hundreds of customers.
Suno's personal California compliance disclosure had already acknowledged that its coaching information could embrace music “topic to mental property safety”
A hacker broke into AI music platform Suno and walked out with supply code that paperwork, in exact element, precisely the place the corporate's coaching information got here from.The breach was first reported by 404 Media, which reviewed the leaked information. It confirms what the music business had been saying in courts since 2024.The intruder claims to have used a bit of malware known as the Shai-Hulud worm—named after the big sandworms in Frank Herbert's Dune. Suno, one of many largest AI music mills on-line, lets customers kind a textual content description and obtain a full track in seconds; constructing that functionality required a considerable coaching dataset—a set of audio information used to show the mannequin what completely different genres and kinds sound like.The leaked materials consists of scraping directions and inner logs from 2023 and 2024, providing a uncommon take a look at how these pipelines are literally assembled.The dataset breakdown is restricted. In accordance with inner file feedback reviewed by 404 Media, the coaching library included 113,879 hours of YouTube Music, 152,162 hours of tagged YouTube tracks, 62,117 hours from inventory music library Pond5, 12,287 hours from Deezer, and 17,615 hours in a dataset labeled genius_hq, related to materials collected via Genius. The code additionally documented plans to obtain roughly 1 million hours of podcast audio through RSS feeds.
‼️ BREAKING: A hacker breached AI music firm Suno utilizing the Shai-Hulud worm and launched supply code exhibiting how its coaching set was constructed:
– 113,879 hours of YouTube Music- 62,117 hours of Pond5- 12,287 hours of Deezer- plus Genius lyrics and a plan to obtain roughly… pic.twitter.com/iSbM8EHeeQ
— Worldwide Cyber Digest (@IntCyberDigest) July 16, 2026One inner file monitoring YouTube Music ingestion alone logged 2,013,545 music clips. That is hundreds of thousands of recordings overlaying many years of audio—and the urge for food wasn't restricted to music.The hacker claimed to have accessed data related to a whole lot of hundreds of consumers, together with emails, cellphone numbers, and Stripe-related info. Suno disputes that delicate private info was compromised.The corporate says it recognized the incident in November 2025 and known as it “restricted.” Suno decided the publicity primarily concerned outdated supply code now not in use and concluded that particular person buyer notifications weren't required beneath relevant privateness legal guidelines. Customers are solely discovering that out now, via information protection.Here is the factor: Suno had already advised anybody prepared to learn its personal web site that one thing like this was taking place. Underneath California's AB 2013 legislation—which requires AI firms to reveal their coaching practices—the corporate publicly acknowledged that its coaching information could embrace music “topic to mental property safety,” and listed the corpus at tens of hundreds of thousands of publicly out there music audio information. What the hack provides is specificity: The authorized submitting was obscure by design, and the leaked code just isn't.The scope of AI music coaching was already turning into clear earlier than anybody breached something. In June 2026, The Atlantic revealed 4 searchable databases documenting music used to coach AI fashions—one containing 12 million tracks, one other with 9 million, and two extra with round 100,000 every. You would search for your favourite artist earlier than a hacker handed anybody supply code.The Recording Business Affiliation of America had alleged in a 2025 modification to its authentic 2024 lawsuit towards Suno that the corporate was ripping songs straight from YouTube—an accusation Suno contested beneath a good use protection. The swimsuit sought $150,000 per infringement incident. The hacked supply code corroborates the RIAA's central allegation.Udio, which was focused in a parallel lawsuit filed by the identical major-label coalition, settled with Warner Music in November 2025 and is now transitioning to a licensed platform. Suno's case with Sony and UMG stays energetic in federal courtroom; the corporate's valuation sits at $5.4 billion with round 100 million customers on the platform.Suno didn't instantly reply to a request for remark by Decrypt.Each day Debrief NewsletterStart day by day with the highest information tales proper now, plus authentic options, a podcast, movies and extra.