Anton Mityagin writing on The Dropbox Blog:

Recent news articles claiming that Dropbox was hacked aren’t true. Your stuff is safe. The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens.

It’s always a bad idea to reuse passwords across multiple services. This is a great example of why you shouldn’t do that.