It’s for security reasons, you know. People need to be hacked in order to be secure. From Naked Security:
The plan: in mid-February, staff at the National Institute of Information and Communications Technology (NICT) will generate user IDs and passwords and use them to try to break into a randomly selected batch of about 200 million IoT devices, such as routers and webcams.
Then, the owners of the breached devices will be told to bolster their cybersecurity.
The aim is to shrink the surface area available to attackers in the run-up to the Tokyo Olympics and Paralympics in 2020. That’s not a bad idea: after all, some systems went down around the time of the opening ceremony for the Winter Olympics in Pyeongchang, South Korea, last year.
Credential stuffing, by the way, is when you take login info exposed in a leak or breach, and then start testing it elsewhere. If you use the same password everywhere, and one of your accounts get leaked or breached, guess what? To shamefully steal a classic internet joke, ALL YOUR ACCOUNT ARE BELONG TO US. That joke is actually rather apropos here. Anyway…
The problem with this is yet another example of the “must violate you to keep you safe” mentality, which is unfortunately pretty common at this point. The gov is hacking its citizens, but it’s for their own good, of course.
Read the whole article from the Japanese media, and then go change your passwords, since you’re probably using the same one for everything. And no, it’s doesn’t matter that it’s the Japanese government.