It’s really not been a great few weeks for Sony. The company has been forced to suspend website log-ins to its PlayStation Network thanks to knock-on effect of the security breach.

The issue only affects people trying to log in to their account through a website, rather than connecting on the PS3 itself. Of course, that may include people who’ve had trouble changing their password on the PS3 and tried to do it on the web instead.

The problem is that the way the PSN password system works means it’s possible to change your password on the web armed only with your e-mail address and date of birth. That’s not proven a major problem in the past (while possible to find out those details in some cases, for example through social network profiles), but has emerged as more of a risk given both of these details are included in the data stolen by the hackers.

Meanwhile Sony boss Howard Stringer has defended the delay in announcing the data breach, saying that the company was “very careful and very responsible”, arguing that “forensic analysis is a complex, time-consuming process.”

That won’t be enough for critics though: one Congressional committee is already asking detailed questions about the breach, including several points (such as who was responsible for the attacks) that Sony has already said it won’t be making public.

The next big step will be the reactivation of the PlayStation store and the implementation of the “make good” offer from Sony which, it must be acknowledged, goes beyond my suggestion of a month’s free PlayStation Plus and adds in two free games.

Given the delays when people tried to get back into their accounts when the system came back online, it might be a smart idea for Sony to see if it can stagger the opening of the store (with existing PlayStation Plus subscribers first in the queue) rather than try to cope with 75 million people trying to download a free game on the same day.