I suppose you have a router with an active firewall. Your computer or smartphone connects to that router and gets a local IP address. That IP address is not public, and as long as you have no ports open on the firewall, no port forwarding to your computer, it should be relatively safe. The router does have a public address, and that can be used in several ways.
You can connect directly to the internet, and this is the case with smartphones which connect via 2G, 3G or 4G. Do these computers have firewalls, open ports? In general I guess they don't have open ports, unless you start something like an FTP-server. And they don't have a firewall if I'm correct. As long as there are no open ports this is not a problem. I suppose these IP addresses are dynamic, so after a while you get a new one, but I'm not sure if that is really the case. (As @Josef says in his comment, providers have a firewall that protects the phone which connects directly via 2/3/4G, and this seems logical.)
So your IP address... It's just a number, not secret in any way. It's one in a list of numbers starting with 0.0.0.0 and ending with 255.255.255.255. You are nothing but a number just as any of us is. What can be a problem is that if someone knows you, knows your (static home) IP address, and wants to target you personally.
The average hacker tries to install a rootkit on your computer. The hacker that targets you personally can use anything. Your IP address won't be that important.
Start a webserver at Amazon or Linode, open up the SSH port, monitor that port, and you'll see that on no time hundreds of attempts are done to login, just based on IP address. Day in day out, it never stops. Nothing personal, just business as usual in the modern world.
You focus on an attack. I guess the real issue is about privacy, because you can be tracked across websites. Hackers in general don't benefit from this because they don't control all those sites and cannot monitor their logs. Facebook and Google do. The NSA probably does. Someone who hosts a website where you post personal info can use it. Especially those "like" buttons that you see everywhere, on news sites, blogs etc - they are the a true privacy issue as those buttons are downloaded from Facebook or Google, and then they get your IP and know that you visited that one page.
There are many browser addons that promise to protect you, but only use the original ones like Privacy Badger, Adblock Plus or Ghostery. Addons that have a similar sounding name cannot be trusted and should not be used.
One example I just saw: A hacked DDoS-on-demand site offers a look into mind of “booter” users