You're assuming that they even know that someone is hogging that much of their bandwidth and that they know how to block it. Odds are the only thing they know how to do is to completely lock out the router and that would defeat their purpose of having it, which is to provide free to customers.
You're giving them far too much credit here. Most people don't even know how to change the base admin login password. Let alone set up a passkey that is encrypted higher than wep, which with enough traffic on the network can be broken with relative ease, see: Aircrack.
I can't begin to tell you how many hotel routers I've gotten into on a whim that they were stupid enough to not change anything. Hell, even the Verizon store I used to work next too didn't even change the default login/password. They at least had a web based login to use the wireless but still, once I got into the router that sh*t didn't even matter.