Unauthorized subdomain creation

Hi there, It appears our domain (example) dot com has somehow had someone access either the hosting or some portion to setup a site we don’t recognize at mail (example) dot com, can you anyone help us understand how this might have happened and/or remove it as well as what protocols to change to protect our sites? Thanks,

Check your audit log which will tell you when and how the changes were made…

If there’s a chance it was due to one of your users’ accounts being compromised, then take actions to resecure it…


It doesn’t look like there is any history of that. Is it possible to delete the subdomain from here? I can’t seem to do it with the domain registrar, or the CMS. I’ve removed any other users and changed my password, but now want to get rid of the subdomain we’re hosting, and maybe see if there was access gained in another spot?