MICHAEL Jackson's entire back catalogue has been stolen.
Sony music suffered its second major security breach in a year, with thieves targeting songs and unreleased material by the superstar singer.
It's alleged they downloaded more than 50,000 music files, worth £160million, in the biggest ever cyber attack on a music company.
The news comes just a year after Sony paid £250million for the seven-year rights to the songs following Jacko's death.
The contract with Jackson's estate also allowed them to release 10 new albums, including material from studio sessions produced during the making of some of the star's biggest albums.
The singer, who died in June 2009 at the age of 50, had recorded unreleased duets with artists ranging from the late Freddie Mercury and Black Eyed Peas singer Will.i.am.
In April the details of 77million gamers were stolen after Sony's PlayStation Network was hacked. The breach cost Sony £106million and hugely damaged their reputation.
The attack on the Jackson files occurred shortly afterwards but has not been revealed until now.
The hack was discovered during routine monitoring of social networking sites, Jackson fan sites and hacking forums.
A source close to the company said: "Everything Sony purchased from the Michael Jackson estate was compromised.
"It caused them to check their systems and they found the breach. There was a degree of sophistication.
"Sony identified the weakness and plugged the gap."
The hack has compromised the work of other artists managed by the firm, including songs by Jimi Hendrix, Paul Simon, Olly Murs, the Foo Fighters and Avril Lavigne.
The source added that the second breach happening so soon after the first "would have made investors and artists think, 'What other part of Sony isn't secure?'"
Last night Sony admitted there had been a security breach and that the Michael Jackson material had been stolen but refused to say how much the hackers downloaded.
A source within the company said that although the Jackson estate had been told about the hack the company did not have to make the knowledge public as there was no customer data involved.
They added that computer experts had traced the hack to the UK by examining a "fingerprint" allegedly left behind.
The Serious Organised Crime division took up the case and two men appeared in court last week charged with offences under the computer Misuse Act.
They denied all charges and were remanded on bail.