I've experienced this, and it's one more nail in the coffin towards treating my local ISP as the dumb pipe the last mile in a VPN.
ISP hijacking is a serious issue, and ongoing. I have been documenting this activity for over a year with WideOpenWest. https://www.wilderssecurity.com/threads/dns-hijacking-by-isps.370893/