"The hijacker says he or she wrote a script that scanned for insecure public-facing devices with open RAW, Internet Printing Protocol, and Line Printer Remote services – running on network ports 9100, 631, and 515, respectively – and fired over print jobs."
Yes, it all goes back to user or IT mistakes. As mentioned above -- leaving ports open, not updating firmware, not having good user policies in place, etc. There's a great blog that gives you ideas on how to make sure your printer is protected including reviewing an existing security policy and assessing network vulnerabilities. You can read the rest of the blog here. It's a bitly: /2korB0y
--Karen Bannan for IDG and HP