Sony have stated they've hired a "recognized security firm" to conduct a complete investigation into what happened and have taken steps to enhance security and strengthen network infrastructure.
Patrick Seybold, senior director of corporate communications for Sony Computer Entertainment of America wrote on the official Playstation blog today:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network.
Among the possible info stolen:
Name
Address (city, state, zip)
Country
Email address
Birthdate
PlayStation Network/Qriocity password and login and handle/PSN online ID.
Credit card detail is also included, but can't be confirmed if it's been taken.
Patrick also adds:
If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports
We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.