For a long time now Zuku and their sub contractors(e.g Kenyacam) have been setting up clients and not advising them on how to secure their(clients) network i.e by setting up SSID or WIFI security.Some clients have managed to change this SSID or WIFI to suit them and more secure.This however is just one part of basic security.Most of the routers have an option for remote access meaning that if i have the IP address assigned by Zuku i can go ahead and access the device from any location since most of them have the default username and password its quite easy to login.This backdoor access mostly affects Cisco EPC2425 router/gateway for those on the old Zuku network and Huawei HG8245 which are being used on the new Fiber network.
By someone having access to your router, a number of things can happen e.g change the DNS server in a way that all you traffic will go through a specific server and hence information from you router can be harvested this includes you logins and passwords and this is for everyone connected to the router.
Or petty people would change the password to your router and wifi locking you out though a router reset would resolve this.
I have contacted Zuku regarding this problem of default credentials but they have not responded.I have so far been able to test and verify my claim with close to fifty routers on Zuku network specifically Huawei HG8245.I am however sceptical on displaying someone's IP address because i dont have control of what will happen after that.I am posting this to help resolve this and not to be a source of pain and misery.

What if using the binoculars you note that the gate and main door to House No X has a faulty padlock which is pulled to unlock and pushed to lock just that.Tafakari hayo.Endless possibilities.
Anyway with one having access to you router ,traffic(think all credentials, business emails and conversation) can be redirected to a rogue DNS server and within no time your email account is not accessible you pc is infected with a keylogger that notes every stroke of the keyboard.Endless possibilities.

Let me call you bluff. Here we go. I got Zuku Fibre, my router is pretty old, actually, a Cisco EPC2425. Well, send me mail on holycowazua@gmail.com so that i can give you my IP address. Just a quick one, which IP do you need? I seem to have different ones. The one from "whats my IP" is in the range of 154.70.xxx.xxx while the one from router DHCP is 10.224.xxx.xxx.

This guy has a point, those on Zuku, better take him serious. Well, I'll furnish him all the details when i get home to complete the test. So far, what he has shared with me is scary. This guy knows his stuff.

While it is fun to learn how to hack, sometimes it's tough to practice your skills without breaking any laws. It turns out if you have any consumer devices on your local network, you already have everything you need to practice penetration testing...

Nope, he shared the idea with me. I have put it to test on other innocent Kenyans( i did not tamper with anyone, just peeped and left). Lets just say, the techies at Zuku are very very careless or assuming a lot.

You might not realize you have an Internet address that’s as well-defined as your street address. To see your own public IP address, surf to whatismyip.com. Your address will be displayed in big bold letters and will look something like this: 101.75.75.101. In most cases, this public address leads straight to your router, which as its name implies, routes all data traffic between your networked computers, tablets, smartphones, webcams, and to and from the outside world.

If someone gains control of your router, you’re in for a rough time. They can open and redirect any sort of traffic anywhere they want. The havoc they wreak can also ruin a whole lot of other people’s days with what’s relayed through your equipment.

Most routers and many NAS devices come with well-documented default login IDs and passwords (“admin” and “password,” for instance). These devices typically have installation wizards that prompt the user to change them before the device is connected to the Internet. But for one reason or another, that step is sometimes skipped and the password is never changed. Other times, the password is updated, but at some point down the line, the user performs a hard reset. This common troubleshooting step often restores the old, weak password without the user's knowledge.

Enabling UPnP on older firmware—a step that most router manufacturers recommend, because doing so simplifies configuration—can expose connectivity to FTP and SMB servers running on the router, enabling any Internet snoop to access every file on an attached storage device. An anonymous group recently posted a list of several hundred IP addresses assigned to vulnerable Asus routers.

You can’t afford to wait for the industry to wake up. Take action now to lock down your router, your NAS device, your IP cameras, and every other device on your network that’s exposed to the Internet. Unless you want people stealing your bandwidth; your private photos, documents, and movies; and watching whatever your cameras are focused on.

Changing default passwords is one of the basic steps that must be taken to secure a network. Zuku, if they aren't doing it, wouldn't be the first to ignore this procedure. War drivers have accessed airport lobbies (in developed countries mind you) and logged in to wireless access points using default username/password combinations. What i have realized lately is that ISPs are hiring --mostly outsourcing- poorly trained technicians to manage devices. At this point its actually up to the users themselves to secure their devices. The Chinese aren't sleeping for your information, they actively scan and try to brute force poorly configured devices. A simple change of the default username and password is an effective countermeasure to this security risk.