i would be kinda concerned, what else was done when the cable was disconnected, such as connect to a sniffer,and do some back n forth packet inspection as the client reconnects and starts torrenting again.
They don't need to come on site to sniff your traffic. US law, and likely others, stipulate that the ISP is able to sniff traffic without a truck roll.
and when you sniff right at the customers dropline, its hard to expect someone to believe its not the subscriber, its some imposter forging packets and spoofing your IP.
i really isnt good press to, lets say, accuse subscribers of Criminal involvment based on IP spoofs or hash collisions, so its a good idea to chase it all the way down to the drop line, and any pwnd boxes