Sony has warned users of its PlayStation Network that their personal information, including credit card details, may have been stolen.
The company said that the data might have fallen into the hands of an "unauthorised person" following a hacking attack on its online service.
Access to the network was suspended last Wednesday, but Sony has only now revealed details of what happened.
Users are being warned to look out for telephone and e-mail scams.
In a statement posted on the official PlayStation blog, Nick Caplin, the company's head of communications for Europe, said: "We have discovered that between April 17 and April 19 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network".
The blog posting lists the personal information that Sony believes has been taken.
- Name
- Address (city, state/province, zip or postal code)
- Country
- E-mail address
- Date of birth
- PlayStation Network/Qriocity passwords and login
- Handle/PSN online ID
Mr Caplin added: "It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained".
Credit cardsSony admitted that credit card information, used to purchase games, films and music, may also have been stolen.
"While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility," Mr Caplin said.
"If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may also have been obtained."