Ok, since I haven't gotten any responses from the Earthlink security folks, I decided to call the phone number listed via the WHOIS lookup on earthlink's DNS IP. I get the operator who tells me that "The Abuse Department is a voicemail line only, and it is broken right now." Wow.
She passes me to tech support. An Indian lady answers the phone and starts telling me what websites I can go to. I explained to her that I am trying to do her a favor and tell them about a hack that could be affecting thousands of their customers, and was not interested in looking up other websites and doing more work for them.
She had no idea what I was talking about. All she said was thanks for reporting it, and started trying to talk to me about why people do things like this. My god. Earthlink appears to be doing things all wrong.
Who knows what else is being spoofed from their DNS... banks... email login pages... and geez, google-analytics!!! I mean, think about how many websites use that service!