Continuing the discussion from Followups from 25 Mar 2021 Service Degradation:
My only 2 domains using Netlify DNS just started failing again, after the March 25th outage. Upon checking the DNS settings, I see that the records have been changed again, making the domains point to malicious sites.
Instead of the usual name.netlify.app NETLIFY records automatically set by the system for the domain, both domains were now pointing to this A record only: 184.108.40.206. If you browse to that IP, you’ll get the same site to which my domains are/were pointing. Any other records were removed or missing, including MX records, which I had just set again on March 25th.
Either your system is doing something wrong, which Chris @fool identified the last time, or my account was hacked and someone accessed it directly and changed the DNS. Is it possible for you to check the logs to see if there’s any activity related to that second scenario? The problem seems to have started today, probably not long ago.
The domains in question are unidospodemos.cr, which is still pointing to that bogus record so that you can review, and phoabogados.com, which I already changed the records back to what they should be.
I really appreciate you checking into this, so that we can avoid the issue happening again.
Thanks in advance.