PaulDotCom mailing list archives

Contacting Giant Corporations?


From: bcg at struxural.com (Ben Greenfield)
Date: Mon, 19 Oct 2009 16:28:23 -0400

I can't divulge a ton of information, but this is the scenario I'm looking at:
1) Client has server that gets malware infection
2) Logs show server reaching out to an IP address for FTP
3) IP used to have a DNS record for a mega corporation
4) Client may be running product that legitimately accesses said IP, or
said IP may be compromised under said mega corporation's nose or the IP
may no longer belong to said corporation.

I've tried calling 3 different regional offices of the said
corporation looking for someone in either internal audit, internal
security, network operations, or public relations.  Corporate
operators don't seem to want to help out of fear of violating policy
of not transferring callers, so I've only been able to get to tech
support (who blow this off because it's not about said corporation's
product) and a single person in public relations who isn't returning
calls (yet).

How would you proceed?  At this point I'm just trying to figure out if
the corporation does or does not own the IP anymore.  I've obviously
already tried whois, reverse lookups, Google, and the like.

I think this also brings up another issue.  In this case, I'm not even
sure the FTP server is malicious or not, I'm just trying to establish
ownership.  What if I knew 100% that this thing was hosting malware -
it could ruin this corporation's public image if that got out - yet
this corporation has no clear path for me to report this to them.
Obviously, in the hypothetical scenario full disclosure would be an
option, but both because I don't know for certain if the IP hosts
malware right now, and because I'm under NDA, that is not a
responsible or even possible option.

So I guess I have two questions on this:
The philosophical - what's the best way for an organization to deal
with this scenario (i.e. making themselves available so they don't get
embarrassed with a full disclosure)?
The applied - If I can't get someone from public relations / network
operations / internal audit on the line because of the corporation's
policies, how would you go forward in establishing ownership?

