This is clearly not as black and white as you're making it out to be and Sony's response is really poor. A few points:
1. £500 of transactions in quick succession is highly unusual.
2. If OP had downloaded and played the games purchased Sony's system would know which console they were activated on. Presumably whoever stole the account activated their own console shortly before or after so again this should highlight something unusual is going on.
3. All Sony is doing is losing a customer and £500 when they claim it back from their bank.
I experienced this several years ago and Sony were very helpful; they refunded the money and removed the games the thief had bought on my account. I guess I should take this to mean PSN was compromised in my case. Interesting Sony didn't mention that at the time.
If this is Sony's stance now they should be removing the ability to store credit card details on the web store until such a time that they chose to implement two-step verification.
First, my comment was in reply only to the statement I quoted, which was that there was no breach. However, The OP has an email from Sony which clearly states:
" As these transactions were made via our online webstore, we're unable to take action against any consoles for processing this purchase. We will however investigate any devices involved where possible and take action where appropriate, however we will be unable to share details of this. "
So... a couple things are possible. The other PS system has been identified and banned. Or, possibly, they did research and determined the purchase was 'legitimate' -- for example, for all we know the OP could have given his account details out to a brother in law, and then a nephew bought stuff [I'm making this up, obviously, but the point is, we are woefully ignorant of exactly what actually happened, dependent only on a one-sided account from the OP].
The OP is rightly angry. I'd be upset with Sony too. But I'd also be upset with myself for getting hijacked, and not blame Sony for it.
That is complete BS. To punish someone for trying to get their money back for a unauthorized charge should be illegal.
Chargebacks are abused to high heaven and cause businesses to lose a small fortune annually (if not weekly, depending on the size of the company). The company is responsible for the cost of the good, they get fined, too many chargebacks can cause other penalties, and the return of the good itself (when not digital) is not guaranteed.
In a perfect world, people would only use chargebacks as a last resort, when the company isn't even responding to contacts. However, they're used as reverse fraud all the time (buy something, charge it back) and as 'instant refunds', etc. Banning people that charge back isn't uncommon, and is completely understandable given there are other methods of remediation available.
Imagine if you sold someone something for $15, then found out a day later you were out that $15, fined another $5 or $10, and had a mark against your account, and never got back the thing you sold. You'd likely never sell to that customer again, either. Now multiply that by thousands of people doing exactly that to get free stuff... and you can understand why businesses dislike chargebacks. There are certainly legitimate uses for chargebacks, but even then it's likely the business relationship is over.