bigvibes writes "A couple of weeks ago Dropbox hired some outside experts to investigate why a bunch of users were getting spam at e-mail addresses used only for Dropbox storage accounts. The results of the investigation are in, and it turns out a Dropbox employee's account was hacked, allowing access to user e-mail addresses."
This particular employee had a list of user emails
stored in their Dropbox. To prevent future incidents, Dropbox is moving toward two-factor authentication