The group hackers Lulz Security announced to have attacked SonyPictures.com's servers. They would have seized more than one million email addresses and passwords, including the account information of the Dutch website of Sony BMG. They have even published a list of 365 Dutch passwords and usernames. 

Lulz Security was previously responsible for hacking the websites of Sony Music Japan, the U.S. public broadcaster PBS and Fox TV station. Sony itself says that since this attack there have been at least four attacks on the network. Sony is also aware of this claim and will start an investigation. 

According to Lulz Security Sony is asking for it, because data is stored as plain text and there is no code behind it, so the data can be included (once hacked). That is disgraceful and insecure and asking for trouble according to Lulz Security. What is rather disgraceful and is asking for trouble seems to be the unnecessary damage that can be caused by publishing the passwords and accounts of the users. Moreover the purpose behind it is – to put it mildly – doubtful and in contrary to the (Dutch) law (Personal Data Protection Act).

References: Nu.nl and BBC.co.uk