Dropbox users began receiving spam at email addresses they’d created specifically for use at Dropbox. The company blames a Dropbox employee who re-used his or her password at another site that got hacked. A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses. A Dropbox spokeswoman says the company is not ready to disclose just how many user account credentials may have been compromised by this password oops. Dropbox says it has plans to roll out additional security measures that should help users protect their accounts.”]
Source: https://krebsonsecurity.com/2012/07/dropbox-password-breach-led-to-spam/