Being good (ok at least some of the time), I went down to tell them, after finding someone who was vaguely technical, they were a little shocked and said they would have the company that does their technical support come over and get it sorted. (A little side note the problems with WiFi security have been known for what something like four or five years, no way should any company still be running open access point.)
Later that day, I saw they had switched on WEP, which while not great is miles better than just leaving things wide open.
So I was surprised when I few days later I saw their network had been switched back to being unencrypted. Now by company blocks webmail and various other things on the company net connection, so having an open WiFi access point is kind of useful and mean I'd already told them once.
The Question becomes do I tell them again they are exposed and help them lock it down (maybe for a (not so) small fee) or leave it open so I can check my webmail?