
18 billion devices at risk: IoT data breaches and the defense dilemma for businesses

  • 4 hours ago
  • 3 min read

As of 2025, the world has recorded an estimated 18 billion active Internet of Things (IoT) devices, a figure expected to more than double to 40 billion by 2030. This exponential growth in network-connected equipment brings an enormous risk of IoT data breaches.

Today, enterprises deploy a vast array of security cameras, medical devices, and industrial sensors to optimize operations, and in doing so inadvertently create significant weak points within their network infrastructure. When information is stolen, organizations face not only severe financial damages but also the risk of comprehensive operational disruption.

The current landscape of IoT data breaches

Threat actors consistently target devices whose security configuration has been given low priority, using them as a foothold for deeper infiltration into internal networks.

Modern hackers exploit unprotected IoT devices.

In July 2025, a massive botnet named BadBox 2.0 infected over 10 million IoT devices, including smart TVs, in-car infotainment systems, and digital picture frames. The compromised devices were then used to execute distributed denial-of-service (DDoS) attacks and take over user accounts on a global scale.

Similarly, the Raptor Train botnet successfully compromised over 200,000 routers and IP cameras by exploiting unpatched software vulnerabilities. In the consumer sector, the streaming platform Roku experienced breaches that exposed 576,000 accounts due to credential stuffing, where attackers reused passwords leaked from previous breaches.

Critical vulnerabilities fueling IoT data breaches

Connected devices often possess highly limited computational power, resulting in a lack of built-in security features.

4 critical vulnerabilities fueling IoT data breaches

The primary vulnerabilities that leave these systems exposed include:

  • Weak Authentication Systems: Many IoT devices are deployed with default passwords like 'admin' or '12345' left completely unchanged. Hackers easily locate these default credentials online and conduct widespread scanning to breach the network.

  • Unencrypted Data Transmission: Devices frequently transmit sensitive information in clear text. This flaw allows cybercriminals to easily intercept and read data passing between the device and the central servers.

  • Outdated Firmware and Software: Numerous devices run legacy software and no longer receive security patches from their manufacturers. Vulnerabilities that have existed for years are actively exploited to gain unauthorized control.

  • Lack of Security Monitoring: Many organizations lack a comprehensive inventory of the IoT devices connected to their network, leading to operational blind spots where unauthorized access and abnormal behaviors go undetected.

Legal pain points and financial repercussions

The consequences of IoT data breaches extend far beyond standard technical disruptions. Under Decree 356/2025/ND-CP on personal data protection (effective from January 1, 2026), organizations are legally mandated to implement robust cybersecurity measures to prevent the loss of personal data during storage, processing, and transmission.

Furthermore, the Cybersecurity Law 116/2025/QH15 strictly outlines the responsibilities of organizations in evaluating and managing risks for critical information systems. Failing to secure user information due to poorly configured IoT devices will subject businesses to rigorous administrative inspections, heavy financial penalties, and a devastating loss of brand trust.

Comprehensive solutions to prevent IoT data breaches

Businesses must establish baseline security standards from the very beginning of device deployment. Mandatory requirements include changing all default passwords, enforcing multi-factor authentication (MFA), and consistently applying firmware updates. Implementing network segmentation is also a critical step, as it isolates vulnerable IoT devices from core business systems and data storage.
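The baseline above, together with the four weaknesses listed earlier, can be checked against a device inventory. The following is an added example, not code from the article or from IPSIP; the inventory fields, the IoT subnet, the firmware-age limit and all sample devices are constructed assumptions.

```python
import ipaddress
from datetime import date

# All values below are constructed for illustration.
CLEARTEXT = {"telnet", "http", "ftp", "mqtt"}        # protocols sent without TLS
IOT_SEGMENT = ipaddress.ip_network("10.20.0.0/24")   # hypothetical IoT-only subnet
MAX_FIRMWARE_AGE_DAYS = 365                          # hypothetical patch policy

INVENTORY = [
    {"mac": "aa:00:00:00:00:01", "name": "lobby-cam", "ip": "10.20.0.11",
     "default_password_changed": False, "mgmt_mfa": False,
     "protocols": ["http", "rtsp"], "firmware_date": date(2022, 3, 1)},
    {"mac": "aa:00:00:00:00:02", "name": "hvac-sensor", "ip": "10.1.5.40",
     "default_password_changed": True, "mgmt_mfa": True,
     "protocols": ["mqtts"], "firmware_date": date(2025, 11, 1)},
    {"mac": "aa:00:00:00:00:03", "name": "badge-reader", "ip": "10.20.0.30",
     "default_password_changed": True, "mgmt_mfa": True,
     "protocols": ["https"], "firmware_date": date(2025, 9, 10)},
]
# MAC addresses actually seen on the network (e.g. from DHCP leases).
OBSERVED_MACS = {"aa:00:00:00:00:01", "aa:00:00:00:00:02",
                 "aa:00:00:00:00:03", "aa:00:00:00:00:99"}

def audit(inventory, observed_macs, today):
    """Return {mac: [finding, ...]} for each device that fails the baseline."""
    findings = {}
    for dev in inventory:
        issues = []
        if not dev["default_password_changed"]:
            issues.append("default-credentials")
        if not dev["mgmt_mfa"]:
            issues.append("no-mfa")
        clear = sorted(CLEARTEXT & set(dev["protocols"]))
        if clear:
            issues.append("cleartext:" + ",".join(clear))
        if (today - dev["firmware_date"]).days > MAX_FIRMWARE_AGE_DAYS:
            issues.append("outdated-firmware")
        if ipaddress.ip_address(dev["ip"]) not in IOT_SEGMENT:
            issues.append("not-segmented")
        if issues:
            findings[dev["mac"]] = issues
    # Devices on the wire but absent from the inventory are the blind spot.
    for mac in sorted(observed_macs - {d["mac"] for d in inventory}):
        findings[mac] = ["unknown-device"]
    return findings

if __name__ == "__main__":
    for mac, issues in audit(INVENTORY, OBSERVED_MACS, date(2026, 1, 15)).items():
        print(mac, ", ".join(issues))
```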

Continuous monitoring of device behavior is a non-negotiable process. For small and medium-sized enterprises (SMEs) struggling with the budget and specialized personnel required to maintain an in-house cybersecurity team, utilizing the ecosystem of managed services from IPSIP Vietnam provides a direct and effective resolution.

The 24/7 SOC (Security Operations Center) service delivers continuous network traffic analysis, rapidly detecting and intercepting unauthorized device control attempts. Combined with Vulnerability Scan and Firewall services, organizations can proactively identify outdated device software while blocking malicious external access efforts, thereby ensuring complete data integrity without the overhead of internal IT expansion.


Securing the network of connected devices is the foundation for safe business operations. Conducting periodic risk assessments and maintaining strict monitoring systems will empower enterprises to proactively neutralize the threat of IoT data breaches and safeguard all digital assets.

----------

References:

  • Article: "The Top Internet of Things (IoT) Cybersecurity Breaches in 2025" - Asimily.

  • Article: "Top 10 IoT Security Risks and How to Mitigate Them" - SentinelOne.

  • Article: "Top IoT Device Vulnerabilities: How To Secure IoT Devices" - Fortinet.

  • Document: "Decree 356/2025/ND-CP: Detailed regulations on the Personal Data Protection Law" - Vietnam Government.

  • Document: "Cybersecurity Law 116/2025/QH15" - Vietnam National Assembly.


IPSIP VIETNAM ONE MEMBER LIMITED LIABILITY COMPANY (IPSIP VIETNAM OMLLC)

Tax code: 0313859600

🏢 SH05.01, B4 Street, Saritown Area, An Khanh Ward, Ho Chi Minh City, Vietnam

☎ +84 918 397 489
