According to various articles floating on the web, Lulz Security has broken into SonyPictures.com, where it claims to have stolen the personal information of over 1,000,000 users -- all stored (disgracefull, hire me as security manager) in plain text format. Lulz claim to have done it by a simple SQL injection just as it happened the last time with Sony (When will you learn?).
A portion of the group's exploit is posted online in a RAR file, which contains over 50,000 email / password combos of unfortunate users. Some bloggers downloaded this file and claim to have verified these sensitive bits are now in the wild, though it remains unclear if what's published matches reality. In addition to user information, the group has hacked out over 20,000 Sony music coupons, and the admin database (including email addresses and passwords) for BMG Belgium employees. Just after restoring the PlayStation Network, we're guessing the fine folks in Sony's IT department are now surviving solely on adrenaline shots. :P