A few weeks ago we wrote about a spam problem
reported by Dropbox users.
Email addresses which had only ever been used with Dropbox accounts (at least so far as the account holders were aware) experienced a surge in spam, leading people to conclude that something had gone wrong at Dropbox.
As we reported at the time, the truth was actually a little more complex than that.
Some users had set the same password on multiple sites, and a compromise elsewhere led to their Dropbox accounts being unlawfully accessed and assaulted by spammers.