Whilst this might seem a bit obvious it can’t hurt to make this suggestion.
A lot of people use the same username and password combinations across a bunch of websites and even for their personal e-mail (when a username has to be in the form of an e-mail address). Of course, this makes it easier to remember for us individuals but makes this as easy for the bad guys to get into our accounts (of which they would target high value accounts such as PayPal).
Anyway, at the very least you should change your PSN password given that we now have the ability to do so. Simply visit the PlayStation Store and login with your current credentials. It should prompt you to change your password to something else and then challenge you with one of them squiggly letter and number things to make sure you are a human. If all goes according to plan then you should be done.
What you might also consider doing is changing the e-mail address associated with your PSN account. Under the “Account Management” section you should see the option for “Change Sign-In ID (E-mail Address)” – the second item under that heading. Click on that and follow the instructions to change your e-mail address. You might want to use a secondary e-mail address if you can’t create additional e-mail addresses easily (just make sure your new PSN password doesn’t match that of the secondary e-mail account).
I am yet to update the firmware on my PS3 to 3.61 yet (I’ll get around to it when I can be bothered) but I dare say that it will become a mandatory update (if it isn’t already).