Logging into the IoT devices and use them to launch a DDoS attack.
Logging into the IoT devices and use them for real-world crimes. For example, access to webcams can be used for cyberspying/cyberstalking, and bad actors can access smartlocks to conduct burglaries.
Using the stolen passwords in brute-force attacks on other websites. Password reuse is common, and in fact, in its email, Ubiquiti instructed customers to reset passwords that they’re reusing elsewhere.
The FTC Health Breach Notification Rule was enacted 10 years ago to protect the privacy and security of consumer health data not covered by HIPAA, but it was never enforced. A policy decision enacted on Sept. 15 will change that.