If there's a potential risk that someone could gain access to your system by breaching theirs then I would raise it with them immediately.
As they're accessing your system you can probably safely say you always do a security check on hosts connecting to your system to ensure there aren't problems. In this instance it showed that they have an open FTP server.
As they're accessing your system you can probably safely say you always do a security check on hosts connecting to your system to ensure there aren't problems. In this instance it showed that they have an open FTP server.