Resident of the world, traveling the road of life
69492 stories
·
21 followers

Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius

1 Share
Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius

The AI music generation tool Suno scraped millions of songs and lyrics from YouTube Music, Deezer, and Genius, as well as from the stock music libraries Pond5, Jamendo, Freesound, the International Music Score Library Project, and podcasts via RSS feeds, according to a hacker who breached the company and shared data about Suno’s training libraries with 404 Media. The hacker was also able to access user information for hundreds of thousands of Suno’s customers, as well as Stripe payment information, they said.

The hacked data is a rare look at exactly how AI models and tools are built. Suno is one of the largest AI music generation tools on the internet, and has been the subject of several major lawsuits from the record industry, which accused the company of training on millions of copyrighted songs. As part of these legal proceedings, Suno previously admitted that it was trained on “essentially all music files of reasonable quality that are accessible on the open internet,” which included a total of “tens of millions of recordings.” Suno has been making the argument that it is allowed to train on copyrighted works as fair use in those cases, one of which has been settled. 

The lawsuits have made clear that Suno did train on huge amounts of copyrighted works, but the hacked data shared with 404 Media sheds more light on how Suno scraped songs from the internet and where it took them from. The Recording Industry Association of America accused Suno of ripping songs directly from YouTube; the hacked data seen by 404 Media confirms this.

The hacked material includes source code that appears to be from 2023 and 2024 that includes scraping instructions and details about the scope of at least some of the scraping. For example, the comments in one file note that they will pull from “genius_hq, youtube_music, freesound, jamendo, imp, deezer, ytm_tagged,” and that “non-music will be filtered out.” A file called “youtube_music” notes that at the time the file was last updated, it had ingested “2,013,545 music clips.” Another file contains comments about different datasets Suno had created, which included “113,879 hours of youtube_music,” “17,615 hours of genius_hq,” “410 hours of free sound,” “19,514 hours of imslp,” “3,726 hours of jamendo,” “62,117 hours of pond5_music,” “12,287 hours of deezer,” “152,162 hours of ytm_tagged,” and “103 hours of musescore_lyrics.” In total, this is at least decades worth of music. 

Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius

Other code the hacker shared with 404 Media appeared to look specifically for vocals by searching specifically for acapella versions of songs on YouTube. The code also suggested that Suno was using proxies to scrape songs from YouTube through a company called Bright Data, which sells scraping tools, infrastructure, and data services. Additional code shows that with the help of an online tool called PodcastIndex, Suno identified 420,000 different podcasts that had at least five, 30-minute episodes and sought to download roughly 1 million hours of podcasts.

It is unclear from the files seen by 404 Media exactly how Suno scraped files from each of the other platforms. Pond5 is a stock music and sound effects library owned by Shutterstock in which customers pay to access songs individually or can access a limited number of songs per month with a subscription. Pond5 claims it has 2.5 million music tracks; Suno’s data suggests that it scraped a substantial amount of the entire library. Genius, meanwhile, does not host songs directly on its website but allows Apple Music subscribers to play music through the website or to play samples of songs through Apple Music. 

Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius

In one of its lawsuit filings, Suno said that its “training data includes essentially all music files of reasonable quality that are accessible on the open internet, abiding by paywalls, password protections, and the like, combined with similarly available text descriptions,” and that it was “constructed by showing the program tens of millions of instances of different kinds of recordings gathered from publicly available sources.” 

“For Suno specifically, this process involved copying decades worth of the world’s most popular sound recordings and then ingesting those copies into Suno’s AI models so they can generate outputs that imitate the qualities of genuine human sound recordings,” the RIAA wrote in its lawsuit against Suno. “And to make matters worse, Suno obtained those copies in the first instance by unlawfully ‘stream ripping’ them from the popular streaming platform YouTube, and circumventing the technological measures designed specifically to prevent such unauthorized copying.”

In a statement, a Suno spokesperson said “As we have stated in public filings and disclosures, Suno’s AI models have been trained on publicly available music files and related metadata accessible on third-party websites on the open Internet. In November of 2025, we determined that Suno had been the subject of a limited security incident that was quickly contained. At the time, we immediately conducted an investigation and verified that the incident primarily involved outdated source code that is no longer in use at Suno and that no sensitive personal information was compromised. Importantly, Suno does not have access to customers’ full credit card numbers in Stripe.” 

“Based on the limited nature of the customer information believed to be involved, we determined that individual notifications were not warranted under applicable privacy laws,” the Suno spokesperson added. Suno also sent a training data disclosure required under California law.

The hacker, ellie.191, told 404 Media they breached the company by hacking an individual employee using the Shai-Hulud worm, a supply chain attack that allowed hackers to harvest GitHub and cloud service credentials. They said they also accessed Suno’s customer list, which included customers’ emails and/or phone numbers and Stripe payment details, depending on what they used to login. The hacker provided a sample of some of the customers, some of whom confirmed to 404 Media they had used their phone number to sign up for Suno and said they were never notified of a breach. The hacker told 404 Media they had no specific motivation for hacking Suno and said “I like to hack anything and everything.”

404 Media has previously reported on leaked materials that showed Nvidia and Runway ML scraped YouTube en masse. For the most part, AI companies no longer deny training on copyrighted materials and instead make the argument that they are allowed to scrape artists’ work under fair use carveouts in copyright law. 

Last month, The Atlantic reported on several music databases that are widely used in AI training, consisting of millions of tracks: “Three of the datasets I found are distributed as a list of links to songs on YouTube or Spotify. AI developers download the actual audio using tools that automate the job, some of which allow developers to bypass logins, advertisements, and mechanisms that might earn money or subscribers for creators. Such tools violate the terms of service of these platforms. (The fourth dataset, the Free Music Archive collection, is distributed with MP3s.),” the author of The Atlantic piece wrote. It is unclear whether Suno used any of these datasets. 

The Suno spokesperson added that the company has worked to try to prevent users from generating songs that sound like existing songs. One of the contentions of several of the lawsuits was that Suno could be used to output songs that are nearly indistinguishable from existing works. “Our goal has always been to help people create original new music, not replicate someone else’s. That’s why we build our models around what we call ‘Original Creation, By Design.’ For example, we intentionally do not use artist names as a category of training metadata because we want our models to help people create brand new songs, not music that replicates other artists’ existing work,” the spokesperson said. “We believe artists deserve both new opportunities and strong protections. That's why we've invested in safeguards designed to help prevent impersonation, and other forms of misuse, while continuing to develop technologies for AI identification.”

Mikey Shulman, the CEO and founder of Suno, said on a podcast last year that he believes the “majority of people don’t enjoy the majority of the time they spend making music.”

Read the whole story
mkalus
2 hours ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Tourists and Traffic on a Street Leading Toward Higashiyama

1 Share

Michael Kalus posted a photo:

Tourists and Traffic on a Street Leading Toward Higashiyama

"Busy street scene leading toward the wooded hills of Kyoto's Higashiyama district with pedestrians, traffic and traditional streetscape. The photograph records an everyday detail of Kyoto beyond the city’s better-known postcard views.

Location: Higashiyama, Kyoto, Japan"



Read the whole story
mkalus
1 day ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Visitors in Kimono at Chion-in

1 Share

Michael Kalus posted a photo:

Visitors in Kimono at Chion-in

"Visitors wearing kimono pause on the approach to Chion-in Temple in Kyoto while others make their way toward the historic temple buildings. The photograph places traditional Japanese dress within the movement and routines of contemporary city life.

Location: Chion-in, Higashiyama, Kyoto, Japan"



Read the whole story
mkalus
1 day ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Coffee Roaster at % Arabica in Black and White

1 Share

Michael Kalus posted a photo:

Coffee Roaster at % Arabica in Black and White

"Monochrome view of the coffee roasting area inside % Arabica Kyoto. The scene documents Kyoto’s contemporary café culture and the visual details of the space.

Location: Kyoto, Japan"



Read the whole story
mkalus
1 day ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Nathan MacDonough @ % Arabica (B&W)

1 Share

Michael Kalus posted a photo:

Nathan MacDonough @ % Arabica (B&W)



Read the whole story
mkalus
1 day ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Terrorists are using AI — and the chatbot is killing them

1 Share

Today we have a report by Antonia Juelich at the Cambridge Programme on AI Science and Policy, CASP: “‘God has helped us, and so will AI’: How the Terrorist Group Boko Haram Uses Frontier AI”. Oh no! The bad guys have AI! [CASP, PDF, archive]

CASP’s organisational mission is to produce criti-hype — reports that act like they’re warning about AI, but their real job is to make the AI look super-cool. If the AI can work for terrorists, it can definitely do your TPS reports.

Juelich went to Nigeria and interviewed former members of the terrorist group Boko Haram about how the group had used chatbots in 2024 and 2025.

The 15 interviewees did not use the chatbot themselves. All of this is only these guys repeating their senior commanders’ stories of how they used the chatbot.

But it’s very scary, OK? Serious implications:

Terrorist adoption of AI has thus advanced further and more systematically than prior analysis has recognized, making it a present and growing reality that warrants attention from policymakers, security communities, and AI developers.

Let’s say the murderous terrorists are using the chatbot. But Juelich says “present reality” — not present danger. Is there any present danger? What are Boko Haram using the bot for?

It has aided in attack planning, weapons troubleshooting, and the design of explosive devices, as users have successfully circumvented some safeguards.

Sounds bad! So what precisely does that entail? Here’s the New York Times covering the report as serious evidence of AI being of substantial assistance to terrorism: [NYT, archive]

We saw in a movie how motorcycles can jump over bridges … We used A.I. to learn how to do this. We gave it information, like what motorcycles we use and the distance we need to jump and so on, and it gave us steps on what we have to do.

Sounds enabling! But the NYT left off the punchline — what happened next:

We dug holes and filled them with broken glass and fire to practice. 18 of us died in the process. Eight of us managed to do it.

The chatbot’s advice killed two-thirds of the squad! A chatbot took out 18 terrorists without firing a shot.

Why did the bot suggest practicing with a flaming pit full of broken glass? Because Boko Haram got the AI to tell them this by asking for script ideas for an action movie. That was their jailbreak.

They could have filled the pits with water or something for practice. But no, the bot said fire and glass, so they used fire and glass.

I can appreciate the researcher not saying to the murderous terrorists’ faces, “that’s really dumb.” But it’s really very dumb.

At this point I’m wondering if the terrorists are having a lend of the researcher. I expect it gets boring out there between strikes, you’ve got to have your fun.

Leaping a firepit is literally the example the New York Times used to make the chatbot sound dangerous. They go straight from this very dumb story to calling chatbots “digital nuclear weapons.”

What Boko Haram does with this “digital nuclear weapon” is just use it as a fancy search engine:

when ISWAP fighters were handed out new guns and they did not know how to correctly use them, they approached their qaid, who passed on the message to a specialist, who in turn replied, “just ask Grok,” which they then did.

Using Grok? Sounds like a win — for their opponents.

Is AI making Boko Haram more dangerous than other training methods they have access to would have? Well, we can’t actually say that:

These perceptions and revealed preferences indicate uplift, though it is important to note that it cannot be conclusively determined.

Juelich just admitted her 93-page report doesn’t show that anything happened.

But the perception itself matters, since the belief that AI improves performance drives institutional investment and potentially the pursuit of higher-risk capabilities.

CISP is saying that the real threat is thinking the AI works. That sounds like we can fight terrorism by telling people that AI is lying trash.

Let’s be clear what happened here — Boko Haram used chatbots that had read the whole Internet and answered questions. That is, a search engine, reading existing information.

That’s a sort of threat? But so is reading in general. And if Boko Haram have chatbots, they have the internet.

The substantial threat is Boko Haram’s disregard for their own members’ lives. I’m pretty sure that’s what makes the group a serious threat.

Not one bit of the problem here is AI. That’s just CASP’s hook to make the report sound scary.

You definitely need to fund CASP to do more research into how frightening the AI is! Lack of funding is the true terrorist threat.

Read the whole story
mkalus
1 day ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete
Next Page of Stories