Re: So...
Not so much hubris, that requries at least a modicum of competence, I would have thought. In this case, someone screwed the pooch so massivly, it's amazing the SPCA weren't alerted.
At the very LEAST, for their DR, they should have had a complete OFFLINE server backup, complete with the OS loaded and configured, with all software installed and ready to go, but less populated data, ready to reload to all the TARFUd servers; this should be their first level backup, which should be regularly updated with all updates, patches, and reconfigurations. Call that the weekely configuration backup. You do not, EVER, hold that online: It's kept unplugged in a fireproof safe, and a VERY limited number of second or even third-line managers have access to those - or should, anyhow.
Next up, each server has a daily offline backup performed, which is, once completed, again kept unplugged and offline, in a fireproof safe. Time consuming, yes, but if done after the non-IT workforce has bogged off home at the end of their 9-5 working day, doable. Again, access to the finished product should be limited, mostly to first or second-line managers, as it's the sort of thing that'll be needed should servers fall over for whatever reason.
Those are the very MINIMUMS that any commercial entity should be looking at.
Security constraints should have critical (e.g. root access) system UN/PW combos changing at least weekly (in a place I used to work, in a VERY paranoid environment, these were changed DAILY, and boy was that ever a pain), and they should be of the HIGH strength combo and length quality. OK, UNs are guessable, but HSPWs should be impossible to guess, and at least a formidable roll versus sanity to remember - say 12 digits long, mixed upper and lower, plus numerals, and case-sensitive. Yes, it's a pain in the arse, but for a company like Sony, it should be de rigueur.
Frankly, this is so bloody basic a set of disaster and security requirements that should be implemented as standard, that it beggars belief that they apparently failed to perform even this level of protection for themselves.
As to budget cuts and refusals, yes, these happen, but not, I would have thought, to quite that degree.
All things therefore being considered, I'd say this was an epic-level pooch screwing.