Is there any legislation requiring how we store passwords? [closed]

Question

Given the Sony data breach and other events recently, is there any actual laws or regulation regarding how to store passwords? I think there are with credit cards, you're not allowed to store the 3 digit key or something.

Is it illegal to actually store plaintext passwords without warning the user? Or it there a level of encryption that has to be used?

Are there any standard guidelines that anyone can point me to?