Agreed, and we are pursuing all avenues.
The biggest concern is that "chain of custody" for the folders will show that they account that created them was part of our team when they were created, and it was not like it was an employee user account either. It was a shared admin level account they he converted to a personal account, and then changed to his personal email address. They can see the timestamp on the folder creation, they can see that it wasnt like "user@domain.com" it was actually more like jobrole@domain.com, which you would think is enough for them to say "oh hey, this is a legit concern from a business spending a significant amount of money with us."
When he first did this, we immediately tried getting assistance and they refused. They told us that the only thing we could do was to "re-invite him to the team", and then if he accepted, we could delete him to seize the folders... but that would somehow transfer all of his folders to us, and we could be legally liable..?
We then tried to negotiate with the former employee, and he turned over ownership of some of the folders to us, but not all of them. At this point, there are still nearly 600 folders that he controls. While many of them are archived projects (and therefore not as much of a concern), he recently changed his email address to something else to impersonate the Dropbox support staff (which I raised with Dropbox Security, surely they dont want people impersonating them and messing with information) and began modifying process related files. Well this morning he straight up deleted a process folder, and that's impacting a pile of people now.