Apparently no one audits HP’s product line for security issues before they go out the door. Sounds like development or CM forgot to take out the telnet debug port before the product was shipped and well…someone found it and must have contacted HP about it (I didn’t find any trade research papers from a security researcher on it, so odds are it was an HP customer).
http://www.theregister.co.uk/2013/03/15/hp_printers_security_hole/