PETALING JAYA: The Credit Counselling and Debt Management Agency (AKPK) announced that its online services have been restored after a reported breach on its IT system back in March.

“We can now confirm that all of AKPK’s customer-facing online portals have been fully restored as of 12 noon on Monday, 22 May 2023 and will be in operation from 9am to 9pm for the time being to allow AKPK to undertake routine maintenance and bolster security of the system,” the agency said in a statement today (March 23).

Customers can login to AKPK’s online services using their existing credentials; however they will be required to change their passwords as a preventive measure.

“In consultation with leading cybersecurity experts, we have bolstered our critical infrastructure and implemented extensive measures to mitigate the risk of future attacks. These measures include rebuilding a completely new IT environment on a secure platform and installing leading protection software on all devices and servers.”

The agency added that it will continue to invest in efforts to maintain its cybersecurity systems.

“We strongly condemn the malicious and despicable actions of these cybercriminals who have targeted AKPK, an organisation committed to providing free public services to financially vulnerable citizens.”

An FAQ on the system restoration is also available on AKPK's website.

On March 30, AKPK said it discovered that a server containing customer data may have been illegally accessed and it had taken measures to put operational systems offline temporarily.

Last month, AKPK also confirmed that some data obtained from the data breach have been published on the dark web. It said that affected customers will be notified.