Sony's US-based PlayStation website has been among those hit in the latest round of SQL-injection attacks this week, according to security firm Sophos.
Reports of SQL-injection attacks have continued to rise sharply over the past few months.
Sophos said it was tracking a large number of websites around the world that were injected this week with malicious code aimed at stealing credit card details.
The malicious code displays a virus infection warning to scare users into paying with their credit cards for a bogus security product to fix the problem.
Sophos said the Sony PlayStation site was not specifically targeted and pages promoting the SingStar Pop and God of War games were now clear of infection.
Graham Cluley, technology consultant at Sophos, said, "It is essential that all websites, especially high-profile ones like this, have been properly hardened to prevent hackers from injecting malicious code."
Sophos has posted guidelines on its website on how companies can protect their websites.