The Internet of Things (IoT) is shaping a world where devices are increasingly interconnected, cheaper, and ubiquitous. The more we move toward this world, the more cybersecurity becomes paramount. Nevertheless, we argue that there exists a category of IoT devices which commonly overlooks security, despite dealing with sensitive information. In order to demonstrate this, in this work, we present the results of the security assessments we performed on two IoT devices that we consider emblematic of such category: the Rohs K88h smartwatch and the Sricam SP009 IP camera. The results demonstrate the existence of critical vulnerabilities that could be easily exploited, even by non-expert attackers, for extracting sensitive information and severely impacting on user’s privacy.