Just re-image all servers running the thing, one by one, to ensure no backdoors remain, and bring it all back up
This, ladies and gentlemen, is a perfect example of how Sony /not/ should do it.
The gentleman known as "shutdown -p now", seems to suggest that Sony should use their energy to get the servers back into a state where they can be re-breached within minutes of going back online!
Of course, this is exactly what we should expect from armchair know-it-alls. One should not trust sysadmins / system engineers who knows the situation and how to take care of it. The armchair know-it-all will scream "No! They made it this bad in the first place" - without caring one moment to think about the layer known as "management". The layer that demands that "if it works, do not touch it at all! it works! Downtime is Verboten!"
It doesn't take two weeks!
They have to:
1. Remake installation routine
2. Reinstall servers
3. Reinstall software
4. Reload the user data .. this is probably done within a day or two.
Then they have to:
5. Harden the new systems.
6. Harden the firewalls.
7. Pentest the shit out of it
8. Get it audited.
9. Re-harden, according to audit-report
10. Get audited again.
11. Repeat the two steps above until audit report is clean.
And this didn't even touch onto the huge topic of making sure that there isn't any breach of workstations that can be used to gain administrative access to the systems and so forth. It doesn't touch upon the topic of verifying user data integrity. It doesn't touch upon the topic of checking for backdoors that gains the attacker elevated access to the network, without admin privileges (but with an easier attack vector from being completely outside).
Meh!