It was either:
A) A group of hackers who just wanted to screw with SONY, or
B) A group of hackers who were legitimately after useful data.
Obviously, those in group B are a concern. Those in group A... well, what better way to screw with SONY than to actually get the credit card numbers, abuse them, then leave SONY on the legal hook for not protecting consumer data? Even if they didn't set out to acquire something like credit card information, *if* they managed to access it, the temptation would be awfully, awfully sweet.
Either way, I wouldn't be a fan of those odds.