Hack suggests AI music generator Suno scraped YouTube for training data
Hack suggests AI music generator Suno scraped YouTube for training data
黑客攻击暗示 AI 音乐生成器 Suno 抓取 YouTube 数据用于模型训练
The AI music generator Suno was hacked, according to a report from 404 Media. The hacker told the publication that they used a supply chain attack in November to access an employee’s credentials, allowing them to then access source code showing how Suno allegedly scraped decades of audio from YouTube Music, Deezer, Genius, stock music libraries, and podcast RSS feeds. 据 404 Media 报道,AI 音乐生成器 Suno 遭到黑客攻击。黑客向该媒体透露,他们于去年 11 月利用供应链攻击获取了一名员工的凭据,进而访问了源代码。这些代码显示,Suno 涉嫌从 YouTube Music、Deezer、Genius、库存音乐库以及播客 RSS 源中抓取了长达数十年的音频数据。
Suno previously admitted that it trains its AI on “publicly available music files” on the open internet, arguing that it can train on copyrighted material under the fair use doctrine, a subjective carve-out of copyright law. But according to the major record labels actively suing Suno, it is illegal under the Digital Millennium Copyright Act (DMCA) to deliberately circumvent YouTube’s protections against data scraping; it also violates YouTube’s terms of service. Suno 此前曾承认其 AI 模型是在互联网上“公开可用的音乐文件”上进行训练的,并辩称根据版权法中主观的“合理使用”原则,其有权使用受版权保护的材料进行训练。但据目前正在起诉 Suno 的各大唱片公司称,故意绕过 YouTube 的数据抓取保护措施违反了《数字千年版权法》(DMCA),同时也违反了 YouTube 的服务条款。
Udio, a competitor to Suno, has also been accused of scraping YouTube data. Google, the parent company of YouTube, faces similar allegations of copyright infringement from a variety of major book publishers. Suno 的竞争对手 Udio 也被指控抓取 YouTube 数据。而 YouTube 的母公司谷歌,也正面临多家大型图书出版商提出的类似版权侵权指控。
The hacker reportedly accessed customer data including customer emails, phone numbers, and partial credit card numbers in Stripe. Suno did not notify customers about the November 2025 breach and claims that this was a “limited security incident that was quickly contained.” 据报道,黑客获取了客户数据,包括客户电子邮件、电话号码以及 Stripe 中的部分信用卡号。Suno 并未就 2025 年 11 月发生的此次泄露事件通知客户,并声称这是一起“很快得到控制的有限安全事件”。