Bit More Info I Never Detailed.....
The reasoning behind the latest bans/terminations is not because of the HALO2 leak. It's mostly because of a certain live 'exploit' you could say that allowed users to connect to the service with a backup... Since this flaw is now fixed with the latest security updates Let me explain.
As most of you know there exists HDD-Flagged versions of game executables. These files are sent down by the MS service when a game engine needs updated or bugs need fixed. Users were taking these special XBE's and placing them on the hard drive as 'xboxdash.xbe' on the 'C' Partition. Now you might think to yourself, how is this going to allow them to run the game when only the XBE file is located on the drive. Well, turns out if you place a backup of the game in the dvd-rom and then place this XBE as 'xboxdash.xbe' the xbe will be launched due to the correct signatures and then the files willl be accessed from the DVD-Rom. In conclusion, what do you have? A backup running on live.

I wouldn't advise anyone to attempt this because it will result in a ban and will not connect to the service any longer because of what is being checked. You can verify this was working at one time via the link in the first post of this thread.
This brings me to my next point. In order for them to detect this they have to be checking the xboxdash.xbe file on the /c/ partition. That would be the only way of detecting this besides scannign what partition your running the XBE file from when you connect to the service.
Furthermore, this could be what is *Mysteriously* causing these bans. People are leaving a modified xboxdash.xbe file on the drive and connecting to the service with what they thought to be a retail state.
Anyhow, I hope this provides some people with a bit more info on what is happening and how to prevent it.