Reported Suno code names YouTube Music, Deezer and other data sources, but its legal force depends on authentication, work-level matches and proof of how the files were obtained.
youtube_music file and 113,879 hours under the same dataset label.Reported source code from 2023 and 2024 names YouTube Music, Deezer, Genius and several stock or public libraries as inputs to Suno's AI music operation. The files supply a collection map that Suno's earlier open-internet disclosure did not, but they are not a verified inventory of unique recordings or a finding that any collection method was unlawful.
The evidence chain begins with a hacker using the name ellie.191, who gave files to the publication that reported reviewing them. Much of the subsequent coverage in the retained record repeats that review. Suno confirmed a security incident, but its archived statements do not authenticate the individual dataset labels or volumes.
That distinction matters because the strongest new claims come from comments and logs in code rather than from a court filing, platform record or public dataset. One file named youtube_music reportedly said 2,013,545 music clips had been ingested when it was last updated. Another listed these volumes:
| Dataset label | Hours logged |
|---|---|
youtube_music | 113,879 |
ytm_tagged | 152,162 |
pond5_music | 62,117 |
imslp | 19,514 |
genius_hq | 17,615 |
deezer | 12,287 |
jamendo | 3,726 |
free sound | 410 |
musescore_lyrics | 103 |
The labels do not establish a clean total. The reports do not say whether the sets overlap, whether every logged hour was retained for model development, or whether every file came from the service suggested by its label. The code also reportedly used PodcastIndex to assemble about 420,000 podcasts and attempted to download roughly one million hours of audio. An attempted target is not an achieved total.
Other reported instructions are more specific about collection. They describe searches for a cappella versions of songs on YouTube, apparently to isolate vocals, and the use of Bright Data proxies to scrape music. Yet the detailed account of the files says it remained unclear how Suno collected from the other named platforms. The record also does not quantify acquisition cost, compute expense or how much any source affected model performance, so the logs cannot establish a cost advantage over licensed data.
Suno had already said its training data included “essentially all music files of reasonable quality that are accessible on the open internet,” while asserting that training on copyrighted works is fair use. Its California training-data disclosure acknowledged tens of millions of publicly available music files and that the material may be protected by intellectual-property rights, as a review of that disclosure noted. The hack's novelty is therefore alleged provenance and machinery, not the basic fact that copyrighted music was involved.
Universal Music Group and Sony Music Entertainment remain in the RIAA-coordinated case against Suno. Their amended complaint alleges that Suno obtained recordings through “stream ripping” while circumventing YouTube's rolling cipher, which is designed to prevent unauthorized downloading. That anti-circumvention theory is distinct from the dispute over whether copying works for model development is fair use.
Reported code connecting YouTube searches with proxy infrastructure could help investigators test the labels' account. It still does not prove that a particular protected recording was copied, that the rolling cipher was bypassed in a particular transaction, or that the copying was legally infringing. A dataset name is a lead, not chain-of-custody evidence.
The paid services in the logs create another unresolved comparison. Suno said it gathered open-internet material while “abiding by paywalls, password protections, and the like,” but Deezer and Pond5 require payment for access. Their names in code do not show whether Suno held accounts, obtained files elsewhere or crossed an access control. The collection route has to be established before the apparent tension can become proof.
Suno's response addresses outputs rather than acquisition. The company said it does not use artist names as a category of training metadata and built filters intended to stop artist, song and album names in prompts and prevent uploads matching existing works, according to its statement about product safeguards. Those measures may reduce direct imitation by users; they do not establish how the training files were obtained.
Suno is not the only AI music company facing this acquisition theory. Udio has also been accused of scraping YouTube, as the comparison in event coverage notes. That alternative limits any claim that the reported pipeline was uniquely Suno's, while leaving each company's conduct to be proved separately.
The hacker said the November 2025 entry began with a supply-chain attack that captured an employee's credentials. One account identifies the tool as the Shai-Hulud worm and says the hacker claimed to have obtained emails, phone numbers and Stripe records; it also records the hacker's stated lack of a Suno-specific motive in its description of the intrusion.
The archived reports do not use identical language for the payment data. The original account says “Stripe payment information,” while another describes partial credit-card numbers. Suno says it cannot access customers' full credit-card numbers in Stripe. Those statements can coexist and still leave the accessed fields unknown.
Suno called the incident limited and quickly contained. It said its investigation found that the incident primarily involved outdated code no longer in use, that no sensitive personal information was compromised and that individual notifications were not warranted under applicable privacy laws. Some people contacted after their records were reportedly found confirmed they were Suno customers and said they had not received a breach notice, according to the account carrying both sides' statements.
That does not independently verify the hacker's claimed access to hundreds of thousands of customer records, nor does Suno's reference to full card numbers answer whether contact information or other Stripe fields were exposed. Resolving the breach question requires a field-level forensic account and the privacy-law analysis Suno used when deciding not to notify individuals.
The reported files arrive as Suno has the resources and user reach to keep fighting. The company was reported to be valued at $5.4 billion with about 100 million users, while a separate account of its legal position and product describes a service that creates full tracks from text prompts. Suno also raised more than $400 million in June.
That financing is material to the company's capacity, not evidence that its legal defense will prevail. UMG and Sony have asked to expand their case from 560 works to 61,026 identified through audio fingerprinting. Applying the maximum statutory award to every proposed work produces a theoretical total above $9 billion, but the court has not allowed that expansion and the ceiling is not a prediction of liability or damages.
Founder and CEO Mikey Shulman has said he believes “the majority of people don’t enjoy the majority of the time they spend making music,” as one account records. That product thesis helps explain Suno's pitch, but it does not address how training inputs were licensed or acquired.
The industry's choices are already diverging. Warner Music, once a plaintiff, left the Suno case after a November 2025 settlement and licensing partnership, while UMG and Sony continued, as the current case context records. Licensing is therefore a demonstrated alternative to litigating through judgment, not a hypothetical end state.
Suno also faces a narrower claim from a named source in the logs. Jamendo sued in June, alleging that Suno trained on roughly 55,600 tracks available under a noncommercial academic license without buying a commercial license, and is seeking at least €17.8 million. The jamendo label gives that plaintiff a reported point of correspondence to investigate; it does not prove that the code's files and the works in the complaint are the same.
The company has continued distributing the product during the disputes, including through a new iMessage integration described in coverage of the hack and product update. But the retained evidence contains no subscription-price comparison, per-song generation cost or licensing proposal. It cannot show whether unlicensed collection was necessary to Suno's economics or how a licensed model would change prices.
The reported code will become materially stronger evidence only if it can be authenticated, placed in a reliable chain of custody and tied to actual collection runs. Investigators would then need to remove overlap, match files to protected works and establish how each platform's access controls operated when the material was obtained.
The same discipline applies to the breach. A forensic inventory of accessed fields, rather than the hacker's description or Suno's categorical assurance, is needed to assess notification duties.
Until those steps are completed, the files sharpen questions that were already before courts and negotiating tables. They reportedly identify collection targets and infrastructure, but they are not yet a complete training inventory, proof of circumvention, a customer-data audit or a verdict on fair use.
Get concise AI news and useful context from the Magica team.
Read the newsletterOpenAI has put conversations and Projects back in its redesigned ChatGPT desktop app and enabled cloud Work threads to move across devices, correcting the launch's biggest usability failures without merging local Work or Codex histories.
Meta reportedly plans to put departing AWS compute executive Dave Brown to work on its data-center buildout, adding hyperscale operating experience while leaving any customer-facing cloud business conditional and undefined.
China has paired a five-year AI training offer for developing countries with cooperation centers, a weather-warning rollout and a new 29-country organization. The package gives Beijing a platform for influence, but no budget, selection rules or delivery timetable has been published.
RoboTTT extends a robot policy’s visuomotor context to 8,000 timesteps and raises its average rubric score from 42% to 79%, but the evidence comes from three author-run assembly tasks and the longest task was completed in only two of ten trials.
Zhipu reportedly reached $1 billion in annual recurring revenue in July, roughly four times a March estimate, but the unconfirmed run rate is not annual sales and still sits far ahead of recognized cloud revenue while margins remain thin.
Nebius has arranged its first senior secured facility against an operating GPU deployment and one customer’s cash flows. The deal adds project-level debt to its expansion toolkit, but an unnamed customer and a larger rival financing limit what it proves about the rest of Nebius’s backlog.
Cursor says automatically running a repository-root git.exe on Windows does not meet its criteria for patching, while the researcher calls it an untrusted-search-path defect and separate research shows the same weakness across several competing AI coding tools.
Huawei publicly displayed a 16-cabinet Atlas 950 configuration rated at 1 EFLOPS in FP8, providing tangible evidence of its system-scale AI strategy while leaving price, power use and sustained workload performance undisclosed ahead of the full system's planned fourth-quarter release.
CIA Director John Ratcliffe said US intelligence is consistent with an estimate that Russian recruits last 20 to 30 minutes on Ukraine’s battlefield, but the public trail leads to an unsourced claim about assault troops and does not establish a representative average.
UK testing places leading open-weight models four to seven months behind selected closed-model cyber results, yet longer attack chains, U.S. benchmarks and mixed cost comparisons show why that interval is a warning signal rather than a universal capability clock.
TSMC reached the top of its second-quarter revenue guidance and raised its 2026 outlook, but a one-off investment gain boosted profit growth while the company committed more capital to 2-nanometer production, advanced packaging and an undated Arizona expansion.
Moonshot AI's Kimi K3 added to a global technology selloff with near-frontier performance, but unreleased weights, mixed cost comparisons and a recommended 64-accelerator deployment leave its effect on chip demand unresolved.
Moonshot AI has made Kimi K3 available through its apps and API, pairing a 2.8-trillion-parameter architecture with early frontier-level results, but the model's open-weight claim cannot be tested until its weights and technical report arrive.
Two binding EU decisions require Google to give rival AI services comparable access to 11 Android features and offer eligible search competitors a restricted, anonymized dataset, but phased deadlines, certification, pricing and privacy safeguards leave the competitive effect unproven.
Databricks has signed a term sheet for a Coatue-led financing at a $188 billion valuation, while unidentified sources put the round at $3 billion. The proposed capital would deepen its push into AI governance, data agents and operational databases, but the transaction remains open and the company supplied no new operating figures.
Netflix says generative AI workflows were used on roughly 300 titles in 2026, but its only quantified example tied to that disclosure covers 17 minutes and does not establish how much finished material, spending or labor changed across the slate.
Gemini 3.5 Pro missed its expected June rollout. An anonymous-source account says a late-June data change fell short of Google's coding goals, but Google has confirmed only partner testing—not the reported cause, a new date, or public results and pricing.
Google is bringing Gemini Omni editing and a reusable face-and-voice avatar to Vids, but the sharper distinction is account-level identity across Vids and Gemini rather than a new category of AI video; Vids already offered Veo generation and customizable avatars, while specialist rivals already sell digital presenters.
Intel plans to adopt Gemini Enterprise across engineering, supply-chain and corporate work while extending chip-simulation capacity into Google Cloud, but the companies supplied no rollout schedule, contract value or performance baseline.
The Navy has approved an immediate department-wide framework for turning data into operational effects, but the public rollout leaves budgets, owners, deadlines, performance measures and assurance rules to a promised implementation roadmap.