a few years ago...
maybe 2014, or 2015, or thereabouts, TCS (my employer, Tata Consultancy Services) was "hacked" (1) the same way.
I'm really too lazy to look it up but I think that was also NetSol when that happened.
Looks like they haven't learnt any lessons or modified any of their processes to cover this!
----
(1) "hacked", in quotes because everyone said we got hacked and we had to go around explaining that it was actually the DNS provider that was "hacked"