Yes, absolutely; they could passively intercept the traffic on your network, pick one of the MAC addresses in it, and write it their network interface. As a guy who's more familiar with the wired world, I'm realizing that wireless MAC filtering isn't the show stopper I expected it to be.
Getting back to the subject of the post, if you're back to the factory defaults then your router isn't compromised, but the systems behind it may still be. Logs are the name of the game: hopefully your personal firewall logs, system logs, etc. will provide some answers.