Strange how many of the commenters on the article think the Sony was hacked from a rooted PS3. There's no evidence but I'll assume this was done from a PC until I see some reason why doing it from a PS3 would make it easier (in any way).
Not too strange when you consider that most people don't understand networking and the internet.
From the point of view of some people:
"It's the Playstation Network, obviously you have to use a Playstation to get on the Playstation Network. You can't use a computer, they aren't compatible!"
I can't come up with a direct analogy for a similar lack of comprehension, but I keep thinking of the apocryphal stories of people that lock themselves out of their cars with the windows down, and freak out because they don't think of reaching through the window to unlock it manually.
I agree with you that it was probably done from PC (or well just about anything including PS3, but not because it was required to use PS3), but on the other hand it seems plausible that information extracted from (probably rooted) PS3 was significant help.
Apart from the fact that it's already got all the hardware and software to communicate with the servers, and is thus a much better conduit for an exploit, you mean?
Well the protocol turns out to look a lot like HTTP talking to Apache over SSL. This is no surprise, it's easy to develop with and is the most likely to make through proxies and firewalls outbound.
Nevertheless, Sony seemed to assume that it guaranteed they would only receive valid messages from actual hardware they controlled. This is not a security feature of SSL/TLS which depends on the client doing its part to prevent the absence of a man-in-the-middle.
When the client was hacked, many of their assumptions were violated. We hear rumors of hackers "mapping" their systems onto some internal development networks. What this means exactly I don't know.
But if Sony's primary network defenses were the Maginot line, their dev network probably looked a lot like Belgium.