In what has to be the lamest excuse for a “penalty” ever, Sony BMG has been fined all of a whopping $1.5 million dollars for massively FUBARing at least hundreds of thousands of computer systems, and making them vulnerable to hackers.

Sony BMG Music Entertainment will pay $1.5 million and kick in thousands more in customer refunds to settle lawsuits brought by California and Texas over music CDs that installed a hidden anti-piracy program on consumers’ computers.

Not only did the program itself open up a security hole on computers but attempts to remove the software also damaged computers.

Announced Tuesday, the settlements cover lawsuits over CDs loaded with one of two types of copy-protection software — known as MediaMax or XCP.

Personally, I regard this as way too little punishment for what is no less that utterly callous disregard for the security of computer systems everywhere. Sometimes, people can listen to music CD’s at work. What if this piece of crap had made systems containing crucial private data vulnerable? Like, for instance, the computers at a medical or insurance company? Simply put, computer security isn’t going to become a top priority in many places until some companies are burned, and burned badly in civil court. Until then, all we can do is be as careful as possible with our personal data. It won’t stop abuse in the long run, but there’s no reason to make it ridiculously easy for the bad guys.

Just to note: the article is from the AP, and out of Los Angeles. You’d think that the “world class” Chronicle could at least try to localize it by getting some commentary from Richard Garfield, or something.