Sony has suggested a hacking group known as Anonymous planted a file on one of its servers, leading to a massive data breach that compromised the security of information on millions of accounts.

In a letter to a U.S. congressional subcommittee, the company said cyber vandals planted a file named Anonymous on one of its Sony Online Entertainment (SOE) servers, with the tag line, "We are Legion," which is used by the group.

ip-sony-yvsfvolb

Sony Computer Entertainment President and CEO Kazuo Hirai, centre, and two other executives bow in apology at a press conference held in Tokyo Sunday to address the outage and data breach of the company's PlayStation Network. (Shizuo Kambayashi/Associated Press)

Sony did not directly accuse the internet vigilante group of carrying out the attack.

"Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyberattack," the company told the House subcommittee on commerce, manufacturing and trade on Wednesday.

Intruders may have obtained personal information, including names, birth dates and email addresses — as well as credit and debit card data — from more than 100 million users of Sony's PlayStation Network and Qriocity music streaming services worldwide.

The SOE breach was discovered last week while Sony was investigating an earlier attack that compromised information on millions of accounts from its PlayStation video game network.

Sony has acknowledged it waited for two days before it reported the April breach to legal authorities.

Back in April, a YouTube video presumably posted by Anonymous admitted there was "ill will" between the group and Sony over the company's lawsuits against PlayStation 3 hackers, but denied involvement in any cyberattack.

A $1-billion class action lawsuit related to the Sony data breach was announced in Ontario on Tuesday on behalf of as many as one million Canadians.

As of Wednesday, Sony said, "the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack."