So, my question is whether or not this is a common thing, and if you have any suggestions of what I can do to rectify the situation.
Situation:
* I bought a domain name a long time ago.
* I set the nameservers to Digital Ocean.
* I never made the site on DO (or the DNS entries) because... well... life.
* Today, I decided to finally make a site. I couldn't create a DNS entry on DO, however, because someone else already had, and was redirecting to some server somewhere.
* To be clear, someone else has a DO account where they made a DNS entry with my domain name and pointed it to their own server.
If you are curious, here is the IP it is redirecting to: 52.5.82.174. I did a reverse IP lookup, and it seems that 4,035 domains point to this address.
On one hand, this is an ingenious way to capitalize on otherwise neglected domains without incurring any cost to the squatter. On the other hand, it's my domain and now I can't use it on DO. (I've opened a ticket with them, so we'll see where it goes from there.)
Here's another example: Let's say you have an old domain (abc.example.com) that you used to host on GitHub Pages. Time goes by, and you decide to retire the site: You unconfigure the GitHub Pages configuration, so going to abc.example.com gives a GitHub 404 error, but you don't remove the relevant DNS records.
In this example, some time later, a person might come by, notice that you have abc.example.com pointing to GitHub Pages, but not have a GitHub Pages site. That person can then spin up their own GitHub repo, and squat on your domain.
In this example, you can reclaim ownership of your GitHub Pages by contacting GitHub Support: They would likely ask you to put a TXT record in your DNS, as proof of ownership. As for Digital Ocean, I'm not sure what they'll do.
But indeed, yes, this sort of squatting is a thing.
I had a job almost 20 years ago at a dedicated web hosting company and it was almost a daily occurrence for someone to try to utilize an IP address or domain that they didn't own. Some of the more bold ones would even try to use social engineering to get someone on a support team(usually over the phone but not always) to create sub-domain entries for domains they didn't own or even change A records to CNAME to redirect the entire domain to some fraudulent website. The company had control over a Class A and multiple Class B IP ranges and it was also very common for existing customers to try to "borrow"(to avoid being charged for it) the use of additional public facing IP addresses that were not actively in use at the time.