I have had it quite a few times, but it turned out that there was a router with faulty RAM, which was corrupting data in transit. Most of the faults were transparently handled through the TCP checksum, but some got through. In practice, I was getting one wrong bit every 30 MB or so.
I also encountered software packages with a wrong MD5 probably due to a human error on the packager side (he just forgot to rerun the MD5 after having updated the package; or it could have been his computer which had faulty memory). Last it occurred to me, it was with a binary package for NetBSD on a PowerPC architecture.
As far as I know, such random errors are orders of magnitude more frequent than real attacks from malevolent individuals. And yet they are quite rare nowadays; the Internet at large is much more reliable than 15 years ago.