No, and I think Sony is on very dangerous ground indeed
Security is our responsibility, not Sony's.
Not quite - it's actually a shared responsibility insofar that the only aspect the client can control is the quality of their password. However, a strong password is of no use whatsoever if Sony have done sod all to protect the network itself. They can insert contract clauses all they like, but if we have clear evidence of a hack and it is NOT the user, liability falls to Sony, in addition to the fact that that clause is actually invalid under UK law as it's unfair.
Having just looked it up it appears even worse for Sony: it is an EU directive so their silly "we keep your dosh" clauses are not just invalid in the UK, they are invalid in the whole of Europe!
In other words, it appears we're heading straight into a Europe versus Sony here, and it's at this point I personally regret not being a Sony customer that got hacked myself because I would have *so* much fun with this one. I'd make them sorry for ever having tried run that scam on me.