Action Alert: ATM "Jackpotting" Robberies in U.S.
A series of “jackpotting” attacks have recently occurred on ATMs in the western United States. The most recent robberies were conducted by an organized crime group out of Latin America, and while the reported attacks all targeted Diebold machines, other ATMs may be vulnerable.
These are sophisticated robberies whereby criminals gain access to an ATM’s cash by installing malware onto the machine, or otherwise bypassing the machine’s infrastructure to send an unauthorized code forcing it to dispense money. Criminals gain access to the ATM’s core by breaking the top-box of the machine, or by using a front-cover key (top portions of ATMs are not typically monitored by third-party networks or transaction processors). Once physical access is gained, criminals leverage access to a USB port or CD-ROM drive to infect the ATM with malware.
The Michigan Credit Union League advises all credit union CEOs to take this threat very seriously. Please work with your operations managers, IT professionals, risk managers or other associated personnel to take the following actions:
- Contact your ATM provider and start working on a plan to protect your credit union and your ATM network.
- Ensure that your credit union has physical control of the upper compartment of all ATMs, and that some type of alarm will alert the credit union of a possible compromise.
If you have any questions or would like additional information, please contact MCUL Director of Regulatory Affairs Sarah Stevenson via email or at 734-793-3494.
Go to main navigation