I'am not aware yet of any such issue in ispconfig. It might be that someone just got access to the mysql database or that someone knows the password of a admin, client or reseller account of your ispconfig installation and used that to add the data.
Is the dns module enabled for any of your clients or resellers in ispconfig or do you manage the dns records for your clients?
Is the target IP address of the A-Records one of your servers?
You can try to find out when the records got added by looking into the sys_datalog table in the ispconfig database, this table conatains all configuration transactions.