The name servers for (several domains I don't own) no longer point to Cloudflare

I received emails that the name servers for DOMAINS I DO NOT OWN OR HAVE ANY RELATION TO have changed. I’m getting totally spammed. I only use Cloudflare for 2 .com domains and they are NOT:

These domains seem to have used jack and rihana as Cloudflare nameservers. Are these the nameservers associated with your Cloudflare account?

Can you post a screenshot of the message?

1 Like

Actually, since I switched web hosts last year, I no longer use Cloudflare. Just double-checked my account. No websites are listed on my dashboard.

I’ve now received 8 more of these notices, since my post here.

Email is:

The name servers for no longer point to Cloudflare. They now point to:

[not set]
[not set]
[not set]
[not set]
[not set]

This change means that is no longer using Cloudflare and will not receive the benefits of our security and performance services. Your DNS records will be completely removed from our system in 7 days.

If the name server change was in error, reactivate your domain by pointing your nameservers back to:

Once you have completed this change, click the “Recheck Nameservers” button in your Cloudflare dashboard to ensure your domain stays active on Cloudflare.

Visit the Cloudflare dashboard:

We take feedback seriously. We’d appreciate it if you tell us why you’re leaving in this short survey:

The Cloudflare Team

Need help?
Troubleshooting tips:
Contact support:

That would seem to suggest these domains were somehow associated with your account. Maybe your account was compromised. Change your password.

1 Like

I’ve changed the password. Also checked the Audit log and no activity has been posted aside from my activity today.

The emails are coming from

|from:|Cloudflare [email protected]
|to:|adminus [email protected]
|date:|Sep 19, 2019, 2:23 PM|
|subject:|[Cloudflare]: The name servers for no longer point to Cloudflare|

The audit log is a good point to check too. It actually should list this kind of activity as well. For clarification you might want to open a support ticket. Support should be able to tell what happened.

1 Like

I already opened support tickets. I wanted to see if anyone else was getting spammed. Thank you. I appreciate your help.

Tickets? One should suffice. Can you post the ticket number here for @cloonan?

1 Like

Excuse me??? I’m the victim here. I don’t like your tone. Just like I didn’t like being spammed.

Yes, excuse me! My what, my tone? Victim, what? You got a few emails regarding your account which you seemingly didnt secure well enough and thats what you call being spammed?

You are already in contact with support anyhow and only they can help you in this case, the community cant. Closing.

I’m sorry you feel attacked. @sandro tends to err on the side of brevity, but his technical accuracy is normally pretty spot on. In reviewing the answers he provided he did a remarkable job of actually diagnosing the issue and providing a reasonable solution.

  1. He’s correct that opening multiple issues (more than a dozen in this instance) will likely slow your response.
  2. When I read the initial thread I initially thought… oops wonder if one of our tools ran amok, but Sandro had more faith in the tool than I did and worked under the assumption it was working as expected (spoiler: he was right).
  3. These accounts were added to an account with the email address you posted in your original post. Some more than a year ago.
    3a. That is not the account you posted in this thread with, nor the one you emailed support from.
  4. If that is your account and you weren’t the person who added the domains then it is indeed likely the password associated with that account has been compromised and it should be reset.

The suggestion that the password may have been compromised is not a placement of blame, it is a reasonable explanation for how a domain was added to an account under your control without your knowledge.