Medibank is running a “not secure” customer login website that has been “exposed and exploitable” for the past five months, says cybersecurity expert.

Optus was operating a “revoked” online safety certificate on its “API” subdomain and had an insecure customer site as early as February 2021.

Almost a month after Optus suffered one of the worst data breaches in Australian history it continues to run a “completely insecure” website, says a top cybersecurity expert.

Optus owner Singtel has suffered another serious Australian breach, with data appearing on the dark web after an “unauthorised third party” accessed customer information and the personal records of 1,000 employees.

Telco giant Optus runs a “world-class” global cyber security business but is refusing to say whether it was used to protect its Australian customers, the group’s biggest source of profit.

The top public official responsible for penalising medical practitioners who rip-off Medicare was paid for two Federal Government jobs for her entire five-and-a-half-year tenure.