Update: Dropbox has once again stated that their service has not been hacked but rather the list of credentials leaked came from a different service. And people are now trying to exploit that list by logging into different website where users re-used their passwords.
What this means is that users who re-use their passwords are still at risk, though Dropbox says it’s keeping an eye out for suspicious activity. And obviously the best policy here is that users don’t use the same password twice, and enable 2-factor authentication on all services that support it.
via Massive list of Dropbox credentials leaked, change your password immediately [Update] – Neowin.