Maybe just coincidental, but while I was searching thru Dropbox mail looking for details for another reply here, I noticed this message from Aug 26th 2016:
"We’re reaching out to let you know that if you haven’t updated your Dropbox password since mid-2012, you’ll be prompted to update it the next time you sign in. This is purely a preventative measure, and we’re sorry for the inconvenience."
2012 was apparently when Dropbox had 68 million email addresses and hashed passwords compromised. It just took 4 years for anyone to find out about it.
Cynical-me wonders if this is because whoever got these passwords also got the backend source, and they've discovered security problems that're easier to fix by killing features than by actually fixing the code the attackers have?