Did someone impersonate my WiFi?

The attacker did not seem to really try to conceal his tracks: he could have faked an existing MAC address, for instance, or used the classical Yagi antenna + high-power WiFi adapter to silently intercept your communication. Instead, it seems he just used a classical home-grade WiFi range extender with what seems to be default settings.

So it still seems very possible to me that he just wanted to get a free / pseudo-anonymous Internet access and was actually not interested in your own data.

You can (and should!) still inspect:

  • If you can determine the usage the attacker made of his access (have you got logs showing he connected end-user devices to browse the web for instance? Or high activity caused by peer-to-peer sharing services?),
  • If you can detect any abnormal activity on one of the accounts you were using during this period (mail, websites, etc.).

In any case, while changing the WiFi access security and password was the minimum, as a precautionary measure I would also suggest changing the passwords of the above-mentioned accounts.

Note that the direct attacker of your WiFi account may not be your only threat there. If, as I suppose, this attacker used your Internet access to go on dubious websites or freely download pirated material, then chances are that his own machine may be infected by some malware, so, for some time, you hosted an infected machine in your network. This may be worth a few sanity measures.


This is quite possible. Are there any logs on your router you can check for more information? Also, is WPS enabled on your router? If so, disable it ASAP, close all ports except for 80, change your router password (make it long and complex) and update your router firmware.


While that could certainly be the case, I recommend that you dump all of your log files from the DHCP service (if your router has retained them) from the point you believe that your router's security was compromised and see if any unknown devices requested an address. This would certainly show that, at the very least, someone compromised your security and put your data at risk, something that is most definitely a legal offense in the US. As mitigation for the future, the best thing you could do is configure your own certification authority and have it issue your access point a certificate, thus providing trust between your client and the router.
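
One way to run the DHCP log check suggested in the answer above, as an added example that is not part of any answer on this page. It assumes the router exports dnsmasq-style syslog lines; the function name `unknown_leases`, the MAC addresses, the year and the log lines are all constructed for illustration.

```python
import re
from datetime import datetime

# dnsmasq-style lease line (assumed format; adjust the regex to your router's log).
ACK_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s.*?DHCPACK\(\S+?\)\s+(?P<ip>[\d.]+)\s+"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})(?:\s+(?P<host>\S+))?",
    re.IGNORECASE,
)

def unknown_leases(log_text, known_macs, since, year):
    """Summarise leases granted at/after `since` to MACs that are not in known_macs."""
    known = {m.lower() for m in known_macs}
    found = {}
    for line in log_text.splitlines():
        m = ACK_RE.match(line)
        if not m:
            continue  # not a lease grant (e.g. DHCPREQUEST, DNS queries)
        # Syslog timestamps carry no year, so the caller supplies it.
        stamp = " ".join(m["ts"].split())
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        mac = m["mac"].lower()
        if ts < since or mac in known:
            continue
        e = found.setdefault(mac, {"first_seen": ts, "last_seen": ts,
                                   "ips": set(), "hosts": set(), "acks": 0})
        e["first_seen"] = min(e["first_seen"], ts)
        e["last_seen"] = max(e["last_seen"], ts)
        e["ips"].add(m["ip"])
        if m["host"]:
            e["hosts"].add(m["host"])
        e["acks"] += 1
    return found

# Constructed sample log, not taken from a real router.
SAMPLE_LOG = """\
Mar  2 10:00:00 dnsmasq-dhcp[1234]: DHCPACK(br0) 192.168.1.40 66:77:88:99:aa:bb guest
Mar  3 20:58:11 dnsmasq-dhcp[1234]: DHCPACK(br0) 192.168.1.10 aa:bb:cc:00:00:01 laptop
Mar  3 21:14:07 dnsmasq-dhcp[1234]: DHCPACK(br0) 192.168.1.23 00:11:22:33:44:55 repeater
Mar  3 21:14:09 dnsmasq-dhcp[1234]: DHCPREQUEST(br0) 192.168.1.23 00:11:22:33:44:55
Mar  4 02:30:45 dnsmasq-dhcp[1234]: DHCPACK(br0) 192.168.1.23 00:11:22:33:44:55 repeater
Mar  4 08:01:00 dnsmasq-dhcp[1234]: DHCPACK(br0) 192.168.1.11 AA:BB:CC:00:00:02 phone
"""
KNOWN = {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"}  # your own devices (constructed)
SINCE = datetime(2024, 3, 3, 21, 0, 0)              # suspected start of the incident

if __name__ == "__main__":
    for mac, e in unknown_leases(SAMPLE_LOG, KNOWN, SINCE, 2024).items():
        print(mac, e["first_seen"], e["last_seen"], sorted(e["ips"]), sorted(e["hosts"]), e["acks"])
```

The first and last lease times bound the window in which the unknown device was on the network, which is the period to compare against account activity.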
