Concerns that my Router Administration was hacked and utilised to extract data
I have had an issue with intermittent WiFi issues which I had put down to potential increase in traffic at my exchange/cabinet.
However I also have reason to believe that some of the devices in my property were affected by a remote access threat. This is due to some of the permission changes observed on both mine and my partners' devices, and in the events log on my router administration.
Steps taken so far:
1. Changed admin password, of which many people may or may not have access to the default (massive rookie error)
2. Factory restored potentially affected devices.
3. Changed all passwords to significantly more complex arrangements.
4. Reviewed events log on router, and discovered some requests and logs that seem a bit off (the part I really need help with!)
Note: I also utilised work devices, which I have discontinued due to the unnecessary risk they pose to my WiFi security.
Please could anyone help me with the identification of threat/erroneous event logs, I have them on CSV and am filtering but unsure as to what would be legitimate or not.