Hacked, DNS changed, no idea what they were before or who even had the cloudflare login, need to transfer to a new account or set back to original (cant get in touch with a person on either cloudflare or squarespace thus far)
What steps have you taken to resolve the issue?
Able to login to squarespace, and have regained access to the backend. I then tracked down that we were using cloudflare, and set up an account here to ask kinda what I need to do next.
What feature, service or problem is this related to?
I am not the most tech savvy, but I am doing what I can to help the Elks Lodge, they do a lot of good things in the community and I hate seeing a charitable org get there stuff stolen and linking to some crappy gambling site. At this point is it better to just make new accounts and slowly transfer to new cloudflare DNS and nameservers?
What happens if I delete all of the current DNS records on the site prior to changing nameservers? Will that take down the scam site-seemingly redirection and then give me time to transfer stuff?
Yes, but I wouldn’t really bother. Just login to GoDaddy if you have access to that and change the nameservers to the default GoDaddy nameservers in the meantime, that disables the website and anything else, like email.
Adding the domain to a new CF account doesn’t take long (definitely avoid the automatic import though in this case). Finding all the DNS records you need might take you a bit, depending on the access to have to hosting, email etc.