Network World has a list of the worst security breaches of 2012 and there is no surprise to me that the Dropbox incident in July where an administrator used the same password for his Drop account that he used on a site that was compromised. The intruders were able to obtain an e-mail list of Dropbox users from the exposed account.