Electrum password alone isn't sufficient (assuming the attacker got it through your dropbox plain text file), he'd also need a copy of the electrum wallet file. Any idea how that was accessed?
If I understand the OP correctly, both the wallet file and a plaintext txt with the password were on a dropbox volume.
I don't use electrum but the way I understand it is the wallet is constructed from the 12 word seed.
That's why I asked Klee for kleerification... (*snort* sorry)
There's a
password that secures your wallet file, and there's the
master seed. With the seed, you're able to access the funds all by itself, but with the electrum password alone, you still need the wallet.
They had both..
EDIT: Apologies for not replying but I am trying to manage a mess here (format the computers, contacts with authorities, phone/skype calls etc)..
Doesn't dropbox use 2-factor?
Yes but you need to turn this on, and its not on by default so the likelyhood that it was on is slim. Additionally if anyone is reading this on top of the 2 factor, you can manage which machines/devices have access to your files so you can see what machines are actively syncing.
My sincerest condolences to the OP, Storing the seed needed to take the wallet on dropbox seems unsafe but probably worked well enough for him for quite sometime. I am sure many people have already suggested it but you should build a machine that does not have a network card or network drivers then generate an Offline Wallet. This is really only a good solution if you intend to rarely ever use the coins because preforming the offline transactions takes a tiny bit of extra time and requires two computers and a fully updated blockchain.