A group of hackers claims to have broken into a Sony Web site and stolen the passwords and e-mail addresses of over 50,000 people.
The collective, called LulzSec, has posted a statement online saying it has broken into SonyPictures.com, compromising the personal information of over one million customers.
It also compromised all admin details of Sony Pictures along with 75,000 "music codes" and 3.5 million "music coupons".
However, "due to a lack of resource on our part" it only took the information - including passwords, e-mail addresses, home addresses, dates of birth, and Sony opt-in data - of a few thousand people.
The statement boasts that "SonyPictures.com was owned by a very simple SQL injection" and claims all the data stolen was unencrypted, stored in plaintext.
Says the group: "This is disgraceful and insecure: they were asking for it."
The attack comes on the heels of the massive data breach at Sony's PlayStation Network in April that saw the personal information of around 100 million people compromised and cost the firm an estimated $170 million.