As someone who has insider knowledge of the industry, let me tell you what's going on and how to fix it.
There's a 10% chance that a detractor employee is doing it and a 90% chance that a troll is social engineering to have an employee do it.
Phil's account security is most likely dogshit and has a secret question on his account for verification like "what is the name of the street you grew up on", "favorite pet's name", just easy shit that Phil would freely give. He gave out some of his MAC addresses today in those screenshots ffs.
All these modem remote access tools keep track of who's using them in case there is malicious use. What's likely happened is a troll is calling tech support pretending to be Phil and asking them to block the site and create troll wifi names. Employee has to obey if they've properly validated.
Yeah, this is fraud and illegal, but these ISP fraud depts are swamped with cases and this is likely at the bottom of the ticket barrel for commercial customers. It's something that will likely take weeks to investigate and resolve. Any action related to employees will be kept quiet to prevent legal issues.
The tech telling him this the first time might've been bullshitting him on talking to a regional manager to make Phil happy since they've got metrics to meet. If a manager was contacted, a few emails were sent and eventually nothing happened 'cause the manager has better things to do. Phil should've opened a fraud case.
If Phil wants to fix this, he should go buy his own modem and router that's supported by the Comcast network, that way Comcast can't remote into it.
A rogue employee or troll would still be able to randomly restart it, but that's what a fraud case would do. But then again, if that becomes an issue, Phil's account would be noted that tech support shouldn't reset the modem from call-ins.