PSX-Scene forums reporting that "over 2.2 million customers' names, addresses, phone numbers and credit/debit card information is up for grabs to the highest bidder, including the crucial three digit CVV2 numbers."
diTii has reported that Sony confirmed the attack and the possibility of sensitive information including 'names, addresses, phone numbers' being stolen, but ruled out the possibility of credit/debit card information and urged its users to be aware of any email, telephone and postal scams that may ask users for sensitive information.
According to the PSX forum post, rumors are spreading through underground trading forums and on Twitter that the database is for sale, "a large section of the PSN database containing complete personal details along...are being offer up for sale." The post explains how the hackers allegedly attempted to sell the details to Sony for an unknown amount but failed to get a reply, so instead they're trying to sell them to anyone with enough money.
Kevin Stevens, a Security Researcher, tweeted, "Supposedly the hackers selling the DB says it has: fname, lnam, address, zip, country, phone, email, password, dob, ccnum, CVV2, exp date", but added that "it is not a rumor, it was a conversation on a criminal forum."