In a nutshell, they don't know much of anything about the hack. They estimate as many as 10 million users personal data was exposed but now claim there is no proof any credit card data was stolen.
They are moving the PSN Data Center to a new "more secure" location and created a new position, Chief Information Security Officer, to oversee future security.
They made a point to say that PSN passwords were not encrypted but were hashed.
They hope to have some services re-started in a week and full access restored in one month.
There will be a forced system software update that will require all registered PlayStation Network users to change their account passwords before being able to sign into the service. As an added layer of security, that password can only be changed on the same PS3 in which that account was activated, or through validated email confirmation
They also recommend changing your password on any sites you may have used the same password as PSN on.
Affected users will get a free 30-day subscription to PlayStation Plus and an unspecified free software download. Qriocity customers will get an extra 30 days of service.
They will deal with PlayStation Plus members and the contents of online wallets on a case-by-case basis.
You can also cancel your account if you wish.
Many questions were asked about the Anonymous attacks and the possible connection to this case but Sony downplayed Anonymous as a minor annoyance at best.