@rob, @JulioMiles, is this a large potential issue if soylent.nu isn’t yours. They were opening your soylent.me site in a frame. That means anyone who used the soylent.nu site to log in probably had their username and password captured and maybe even personal info if they used soylent.nu to sign up or make an order. The nu site was using a non-secured connection, so info could have been sent in Plain Text and readable by the owners of the site (I don’t currently have access to an https web site to test/verify this).
As j8048188 says, the site now redirects to your site instead of using a frame. So that means the person who set it up is probably registered here or Reddit and found out they were caught.
You should be able to tell how much the soylent.nu site was used and what pages were framed by your web log files showing access from soylent.nu’s IP Address 126.96.36.199.
You should notify Google about a malware/phishing/fake site to get it removed from search results and send the registrar (email@example.com) a take down notice. You should probably also email people and tell them that if they used soylent.nu, they should change their password and if your log file shows access from 188.8.131.52 to ordering pages, that users should watch their credit for fraudulent charges.
Let me stress that while the law says you need to notify people of this issue when you are hacked and/or have data stolen from your site, it would be prudent to notify people about this issue anyways to protect your image.
You can prevent this fro happening again by editing your web sites config file or adding a .htaccess file in your root directory with:
(block all frames):
Header append X-FRAME-OPTIONS "DENY"
(page can only be displayed in a frame on the same origin as the page itself)
Header append X-FRAME-OPTIONS “SAMEORIGIN”