a) knew it was non-prime, and used it to weaken the crypto
b) knew it was non-prime, and used it because they didn't think it needed to be prime (which is a massive sin of ignorance)
c) grabbed 1024 bits of rand() and didn't check if it was prime (again, stupid)
d) grabbed some rand and checked the prime-ness using a bad method
e) used a "prime number generator" that produced bad output
I agree that making non-prime numbers is not terribly difficult, but the question of how they got the number is only interesting in that it gives info about why.
This case could actually be tested for - see if any of the one-bit differences from the number used are prime.
Edit: A single bit flip could have been used as "semi" plausible deniability in the case of malicious intent.