Sony is facing harsh criticism after revealing that hackers may have stolen the data of another 25 million users.
It is Sony's second massive security breach after a cyberattack on its Sony PlayStation Network two weeks ago, where hackers stole data belonging to 77 million accounts.
The second breach, this time of the Sony Online Entertainment network, may also have led to the theft of 10,700 direct debit records from customers in Austria, Germany, the Netherlands and Spain and 12,700 non-U.S. credit or debit card numbers, Sony said.
Investors said Sony and chief executive Howard Stringer had botched the data security crisis, a further blow for the company which has struggled in the electronics market against rivals Nintendo, Samsung and Apple.
"The way Sony handled the whole thing goes to show that it lacks the ability to manage crises," said Michael On, a fund manager at Beyond Asset Management in Taipei.
"The current CEO should step down after the hacker problems and the company's failure to push out products that are competitive."
The Sony Online Entertainment network, the victim of the latest break-in, hosts games such as "EverQuest" played over the internet on PCs.
Sony said late on Monday that the names, addresses, emails, birthdates, phone numbers and other information from 24.6 million PC games accounts may have been stolen from its servers as well as an "outdated database" from 2007.
Sony spokeswoman Sue Tanaka said the company has taken precautions such as firewalls to limit risk to other data, but said Sony could not be certain.
"They are hackers. We don't know where they're going to attack next," Tokyo-based Tanaka said.
Sony is trying to repair its tarnished image and reassure customers who might be pondering a shift to Microsoft's Xbox.
Sony was also forced to suspend its Sony Online Entertainment games on Facebook and posted a message on the social network saying it had to take down the games during the night.
Facebook games make money from microtransactions and the sale of virtual goods like costumes and weapons.
It was not immediately clear if the data theft included data from players of Sony games including "PoxNora," "Dungeon Overlord," "Wildlife Refuge" on Facebook.
Facebook could not immediately be reached for comment.
The servers for both the Online Entertainment unit and the PlayStation Network are based in San Diego but are completely separate, said Sony's Tanaka.
Sony has also denied on its official PlayStation blog that hackers had tried to sell it a list of millions of credit card numbers.
The PlayStation Network incident has also sparked legal action and investigations by authorities in North America and Europe, home to almost 90 per cent of the users of the network.
Sony has been criticised for only alerting customers a week after discovering the PlayStation breach, where hackers stole names, addresses, passwords and possibly credit card numbers belonging to 77 million users.
Sony executives have apologised and said the company would gradually restart the PlayStation Network with increased security and would offer some free content, but some users were still unimpressed.
"As much as I think what the hackers did was downright criminal, the fact of the matter is they have done a marvellous job of showcasing Sony's ignorance," one contributor named Tokyo Guy posted on the Engadget technology website.
"The point needs to be made that if Sony is this incompetent, then they deserve to be sued and fined and lose all their money. It's pathetic."