November 28 , 2017

We wanted to pass along information we received from Diebold Nixdorf and from community bank trade associations in other states regarding recent hackings of ATMs.  While Diebold was the most recent target, other ATMs could obviously be targeted in the future. 

Among the items we wanted to bring to your attention: 
  • Attacks have been limited to non-branch machines but have include drive-up island terminals. 
  • Most, if not all, ATM manufacturers ship new machines with a common top-hat key. For example all Diebold units use the same key for entry into the upper portion of the ATM.  There are client reasons for this, serviceability, operational efficiency, etc. 
  • Top-Hats of ATMs are not typically monitored by third party networks and transaction processors. 
  • These attacks took hours to complete as the units can only dispense 50 notes at a time, in some cases we've seen the perpetrators take up to 4-5 hours. 
  • The attackers were dressed to appear to be valid servicers of the ATMs. 
  • Authorities have reportedly apprehended four of the perpetrators in Utah and Colorado.
There are  multiple technical initiatives underway to address and prevent these kinds of attacks. Diebold clients should contact their Diebold Nixdorf Account Manager directly, or Senior Director/Client Management-Regional Accounts Ron Craddock at ronald.craddock@dieboldnixdorf.com. 

In the meantime, banks should consider taking steps to physically control access to the upper compartment of their ATMs, and alarm them to alert to possible compromise.
We hope this information proves helpful. Please feel free to contact us with questions.

Stephen W. Rice
Independent Bankers Association of New York State
Stever@ibanys.net
(518) 461-9839
See what's happening on our social sites