The group claims to have attacked the sonypictures.com website, allowing access to more than one million passwords, email addresses, home addresses, dates of birth, and "all Sony opt-in data" associated with the attacked accounts.
The statement released by Lulz Security on pastebin.com, a website designed as a place for computer programmers to store text, calls the hack an "embarrassment" to Sony.
It said: "We also compromised all admin details of Sony Pictures (including passwords) along with 75,000 ‘music codes’ and 3.5 million ‘music coupons’.
"Every bit of data we took wasn’t encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it’s just a matter of taking it."
"We were unable to fully copy all of this information, however we have samples for you in our files to prove its authenticity."
Yesterday, the group tweeted its actions to inform people of the breach it had created: "1,000,000+ unencrypted users, unencrypted admin accounts, government and military passwords saved in plaintext. #PSN compromised. @Sony"
Jim Kennedy, executive vice president of global communications for Sony Pictures Entertainment, said: "We are looking into these claims."
The Lulz Security site, http://lulzsecurity.com, is currently offline.
Sony's current woes began in April when hackers took the details of around 77 million users of its PlayStation Network and Qriocity services.