That’s the word from Texas attorney general Greg Abbot, who recently announced he had amended his state’s lawsuit against Sony BMG to include new allegations that the label had embedded spyware in certain copy-protected discs.

Last month Texas became the first state to sue Sony BMG over the label’s “rootkit” fiasco, charging the anti-piracy technology used to copy-protect certain CDs actually made computers more vulnerable to virus attacks.

But the rootkit, which effectively “cloaked” the antipiracy program called XCP, was developed by United Kingdom-based company First4Internet. In Abbot’s revised lawsuit, he now charges that Arizona-based SunnComm, through its antipiracy software MediaMax, has also placed secret software on consumers’ computers via Sony BMG CDs.

Abbot charges that SunnComm’s MediaMax copy-protection technology installs secret files onto a computer’s hard drive even if the user declines the licensing agreement that pops up onto the screen once the disc is inserted into a machine’s CD tray. Abbot says that such an action violates the state’s spyware and deceptive trade practices laws.

“We keep discovering additional methods Sony used to deceive Texas consumers who thought they were simply buying music,” Abbot said. “Thousands of Texans are now potential victims of this deceptive game Sony played with consumers for its own purpose.”

Abbot also sent out a letter to retailers urging them to remove any Sony BMG CDs that carry the problematic antipiracy technology still on the shelves.

“These CDs open the door for malicious hackers to target consumers’ computers,” states the letter. “Hackers may be using the Sony files to install viruses, malware or even commit identity theft. Retailers that continue to sell these CDs may be just as liable under the law as Sony.”

Sony BMG has made a patch available for download that removes the SunnComm MediaMax software. However, a statement the label made regarding the problem seems to throw more fuel onto the fire.

“The security issues with MediaMax are not uncommon and are completely addressed by a software update which we already have made available, as is standard practice when problems with consumer software are identified,” the label said in a statement regarding the MediaMax software.

That’s right. The label said “The security issues with MediaMax are not uncommon,” a statement that might be interpreted to mean there are other security problems caused by copy protection software employed by Sony BMG. Problems that no one knows about. At least, not yet.

When the XCP debacle hit the fan, Sony BMG ended up recalling millions of CDs embedded with that particularly nasty software. Under Texas law, the state can recover up to $100,000 in damages for each spyware law violation and $20,000 for each deceptive trade violation.

Sure, that’s a lot to pay. Even for a major label. But Sony BMG might as well get used to it. After all, the label said that such security issues “are not uncommon.”