A person logged into my Facebook account and changed the password. An email was sent to the associated email address saying the password was changed from the city I live in and listed the IP address the password was changed from (it was not my IP address). I have a suspicion of who the person was so I checked the IP address in the header of an email sent from this person and it was the same IP address as the one associated with the password change. Is this an accurate way to determine if this is the person who changed my password?
That email should've also included a link to alert facebook that you're not the one who made the change. I'd suggest clicking that link and creating a better password. The ISP will not release the users details without a subpoena so it's useless to speculate further about who did it. You'll just have to follow your gut feeling.