You are correct: printers are a juicy target for several reasons. First off, they often store sensitive documents in their print spool. Printers are often combined with a document scanner, too, and docs are often stored in the scanning archive for far longer than most people expect.
Second, combination printer/scanner/fax machines are increasingly sophisticated, and they have general-purpose computers installed inside to control all of the action. Attackers can access printers in several ways, such as a modem, wireless access point, or through a jump-off from spyware-infected desktops. After gaining access, they can use this power to hit other machines on your internal network.
Thirdly, Windows and Linux systems are often built into many modern printers. Because these computer controllers get little hardening and patching attention, they are often vulnerable.
Fourthly, most printers have unfettered access to an internal network. Thus, an attacker who compromises a printer can scan all over for exploitable systems.
Finally, security personnel often don't monitor or give such devices much attention because, after all, they are "only printers." This last perspective is quite unfortunate.
So, what can you do? First, harden your printers. Shut off any unneeded services
Next, shore up the management protocol used for the printer. Most modern printers support some sort of management via HTTP and/or HTTPS, and a few even support Telnet or Secure Shell (SSH). Carefully choose a management protocol that provides encryption, like HTTPS or SSH.
By default, most printers allow admin access with either no password or a widely known default one. Change the password to a value that is more difficult to guess.
Lastly, make sure that your printer doesn't have wide-open access to the rest of your internal network. Consider putting your printers on their own private VLAN. Filter access to that LAN so that the printer can receive print jobs, but not initiate connections to any other systems. Going further, if you have the budget and the time, you can even put a firewall in front of your printers to really limit access to and from them.