@RetiredInFl 

Sorry, I didn't mean to sound like spam. I don't know everyone's level of expertise in this community forum, but I didn't even know what a MAC address was until this incident, and in trying to educate myself about cyber security I have now learned about "brute force attacks" to knock you off your network and "handshakes" between computers when you sign back in so your password can be stolen, if that's true, then it seems a MAC address would be the thing that lets them follow you and do it again. Thus my question. So a hacker can't follow you by somehow searching for your specific MAC address?  I really am not trying to ask stupid questions, I really don't know how it works. 

@Jacobyvvyv6 Didn't mean to imply you were a spammer just that there were about 40 messages around yours that were.  I simply wouldn't be concerned and I DEFINATELY wouldn't buy new hardware.  Just keep your protection (anti-virus & firewall) up to date running and you will be fine. It's your WAN (internet provider) IP you would worry about if you had no firewall or AV running.  Of course if you were a SPY or secret agent they might try hard to hack you.  :D 

@Jacobyvvyv6 

If you have changed your password and its a complicated alpha-numberic with special characters you should be fine.  IP addresses at least the ones on your devices shouldn't be of a concern because those are common private IPs that every router uses.  The one that you need to pay special note to is your WAN IP address, but even that will change every so often, unless you pay for a static WAN IP, in which case just ask your ISP to change it and why you are requesting the change.  Even with the WAN IP address its only important if the (former?) friend can get access to your router.  I would ensure that your router does not have remote access enabled though,  With the Deco M9 that is very easy to do since the only way to acces the router is through the cloud base app.  For security here is what you should do if you haven't already

1.  Change the Email address associated to your TP-Link ID.  Probably a good idea to create a new email address in case this person has access to your existing ones.  This would make sure that he can't get a password reset sent to him.

2.  Use a different unique password you haven't used before.

3.  Use a new SSID for your network name.  Something uncommon.

4.  Change the WiFi Password to something you haven't used before.  

Best Regards 

@Carl Former is absolutely correct. I have changed emails and have changed the password a much more complicated one ( a few times now).  I would never dream of doing that to a "friend" so it never occurred to me to be as protective of my info as I obviously should have been, but now I know. There is however an open network labeled "New Thermostat..." followed by some numbers and letters. It always shows up as one of the strongest signals in the surrounding networks and I actually accessed it once but it disappeared immediately only to start showing up again anytime I reboot or change my WAN. It was there before I ever bought my Nest (which is now in a bag in the closet completely disconnected) and remains to this day periodically in my list of networks. Is this some kind of virus maybe?

@Jacobyvvyv6 

I don't think so and a quick virus scan could confrim that.  What that likely is, is a known and saved network since you connected to it once, from when the Nest Thermostat was first there.  Just go to your computer's saved networks and see if it is listed and choose forget.  Also it could be the name of a Guest Network.  log into the Deco app and look for Guest Networks and ensure it is disable or at the very least not this network name.  For future the Guest network is a great tool to allow friends and family to access your internet without accessing your network and devices.  

@Jacobyvvyv6 

Any Hacker using Kali Linux, Npcap app, Wireshark app, and any number of password decryption tools can find your device and network from anywhere in the world, and even the copy and paste hacks for your particular deco device (on the dark web), and in the worst scenario (easy to hack), if not secured properly, even just find it using google dorks or shodan.io using some social engineering, and then use Kali Linux to log in and use your network to perform clandestine attacks on other websites or even government databases, leaving you looking like the culprit.

Learn here

https://www.youtube.com/watch?v=taAD2z8spP0

https://www.youtube.com/watch?v=VSD9uKXDfuc

https://www.youtube.com/watch?v=WW6myutKBYk

even with a mobile phone you can do it in linux

why don't you find out the mac and ip address of the person using your network and blacklist them in advanced settings of yuour router?