So, how screwed am I. Seriously, I want to know!!!
Potentially? Totally. The only thing you can do is fix your security (done) and watch your credit card statements and credit reports. That's it. If you find out that you are a victem of identity theft then you can file a report w/ the police department and start having fun trying to get things fixed.
Odds are, however, that if nobody has abused the data yet, they're not going to.
As for banddirector's question -- I presume you have no idea whose networks are unprotected, so knocking on their door isn't really viable. The only thing I can think of is to logon to their network and send them a message via net send (Windows Messenger service). Of course, if they disabled that service, aren't running Win XP/2k, are running with a firewall, or several other things I'm forgetting then they'll never see it.
On the evil side of things, consider this -- as long as there's an unprotected WAP nearby, it's highly unlikely anyone will take the few minutes needed to crack your WEP.