There is some anecdotal confirmation from various folks but nothing I'd consider hard proof. I saw various update alerts on my phone on Saturday but I ignored them, and I was getting certificate errors when I started to browse to my junk mail bucket (hotmail) at which point I killed the session. Some other folks have posted that they had more explicit events (emails from themselves and such), but still nothing outrageous. The laptop I had tethered to my droid was a blank/patched ubuntu install that was nuked 5 minutes after I walked back into my house. As for the phone, well, it was time to try out cyanogenmod 7 anyway.
CISSP, CISM, CISA, GCIH, GREM, CEH, HMFIC, KTHXBIROFLCOPTER