.jpg)
Man in the Middle Attacks Reminder
NCR Atleos is receiving multiple reports of man-in-the-middle jackpot attacks in the United States. These attacks target drive-up ATMs deployed by community banks. The targeted ATMs have the common NCR Atleos top box key, and successful attacks have been on ATMs/ITMs that critically do not have protection on host communications as described in the Sept. 2, 2024 NCR Atleos Security Alert.
Some attacks have resulted in significant cash loss. Other attempted attacks have failed because host communication protection was in place.
Locations of banks that have reported attacks are in southeast USA.
NCR Atleos presumes attackers are mobile, knowledgeable and equipped to jackpot any unprotected drive-up ATM/ITM in the US.
Action required
It is critical that protection is applied as per the Sept. 2, 2024 NCR Atleos Security Alert as soon as possible.
Further details about complete ATM logical security can be found in our Logical security best practices whitepaper.
If your NCR Atleos solutions include ATM as a Service Turnkey or Managed Services, please consult your account manager to understand if action is needed.
For questions, please reach out to your NCR Atleos representative.
Thanks for your support,
NCR Atleos Security team
Sign up for NCR Atleos Security Updates
As part of our commitment to ATM security, we regularly provide alerts and updates to the market on global ATM security issues and situations.
We issue alerts when:
- We receive reports of new ATM attacks
- We receive reports of modifications to ATM attack methods
- Industry compliance issues require actions by ATM deployers