
The usual non-technical word that would get picked here is "hijacking". If I get on a bus home, and some nutjob with a gun to the driver's head insists it goes to Springfield instead, the bus wasn't stolen, but it was hijacked and now I don't get where I was headed.

Hijacking can occur in several places in Internet infrastructure, but hijacking IP addresses is arguably the worst since there's almost nothing we can do about it. Cloudflare might have (perhaps even purposefully) struck the one thing you can do if you want to, which is put a popular but optional service on the address, and then let ordinary users scream blue murder because it doesn't work.

[ Other examples of hijacking: Web browsers will fetch the path /favicon.ico from your site. Why? Because Internet Explorer did that to add "favourite icons" for web sites, so now that's all you can use it for; administrator@example.com can't just be the email address for somebody who fancied the handle "administrator". Why? Because Certificate Authorities decided that if somebody receives email sent to administrator@example.com that person must be authorised to have certificates for any name in example.com. No existing rules told them this was safe, but they did it anyway, so now you have to allow for that ]




Oh, I should point out that "The Internet" (to the extent it's any distinct thing) also hijacks things. All ISO/ITU object identifiers used in Internet standards are under the OID 1.3.6.1, but, er, 1.3.6 belongs to the US Department of Defense, so how did the Internet get the nice compact 1.3.6.1?

Turns out there's just an RFC from 1988 which says "This memo assumes that DoD will allocate a node to the Internet community", it says it assumes this will be 1.3.6.1, and of course thirty years later it would be pointless to say "No, the DoD does not allocate this node to you".


To be more specific, RFC 1065 states its use of the subtree that was initially held by the U.S. National Bureau of Standards. The NBS transferred the subtree to DoD, which had not stated how it intended to manage it. Thus, the DoD might have chosen a different value for the last digit of the internet subtree, but that's all.

This isn't really hijacking, although it does seem a bit haphazard. Considering the "official" handling of the subtree transfer, I suspect that the DoD did accept the decision after the RFC was submitted as a draft, with the RFC just not updated to reflect this.

30 years later, I don't think anyone cares about OIDs.


"I suspect that the DoD did accept the decision after the RFC was submitted"

You suspect that an enormous Federal bureaucracy "accepted" something but it isn't written down anywhere? Does that sound right to you?

If you mean "accept" in the tacit sense that they can't do anything about it now, well, of course, that's why I called it "hijacking". I can't do anything about the fact I'll be home late when my bus is hijacked, but let's not pretend I've "accepted" the new destination and somehow now the nutjob with a gun has my permission to take it there.

Funny thing about OIDs, everything that needs to enumerate things and touches any of the ISO/ITU X series standards uses OIDs, yes, still in 2018 and presumably forever. For example you might have noticed that TLS 1.3 is now (probably) finished. Grep through that and you'll find it mentions all the OIDs you need to use to make it work, and introduces OID filters so that you can write key-value matches for client certificates like "I only want client certs which have the following policy OID".

OIDs are fine, there is no reason to create a new parallel system that would work the same way and presumably either duplicate the OID hierarchy or try to displace it.


This kind of makes sense, except that we are talking about hardware devices here.

The hardware is manufactured by a private party that has no obligation to follow anyone else's rules.

That party may voluntarily decide to participate in some standards body and get their device certified in which case maybe they are violating some voluntary private certification, but I don't think that is the case here.

As a consumer, unless the manufacturer specifically guaranteed compliance with some standard, then the product is not defective. You get what you specified. If you failed to specify (or verify the specification) that is your fault as a consumer.

Your imaginary standards and rules are not legally binding in the real world, which is why manufacturers ignore them, and why it is silly to call this "theft" or even "hijacking."

How can a manufacturer hijack their own device? It is their device. You the consumer chose to buy it. Unless they guaranteed you something in writing that is missing, caveat emptor.



