877-247-4182
Contact us

You are about to leave the Dolphin website and link to a trusted third-party vendor.

The information on these websites is created, published and maintained by our vendors. Dolphin Debit Access does not guarantee the accuracy or completeness of the information provided, and therefore cannot be held liable for content or accuracy. Any use of the information obtained from third-party vendor websites is voluntary.

Continue
Web Tools Login
Dolphin Debit Logo

In The News

How to Protect Your ATM Fleet from “Man-in-the-Middle” Attacks

By: Joe Woods, CUDE and Danny Phillips

Unfortunately, ATM crime continues to grow across the country, and it’s no longer just a
matter of brute force. While physical attacks, like “ram-raids” and robberies of cash-in-transit (CIT) personnel remain a concern, the threat landscape has shifted toward more sophisticated, less bombastic crimes.

In mid-2024, the cyber investigative division of the U.S. Secret Service issued a memo
warning of increased jackpotting activity, including man-in-the-middle (MITM) and black
box techniques observed across more than a dozen states. And, according to the ATM
Industry Association (ATMIA), jackpotting/cash-out attacks were the most common type of
ATM crime in the U.S in 2025, making up 74% of all criminal activity.

Physical security remains vital, but credit unions need to be prepared and know how to
defend themselves against MITM attacks.

How MITM Attacks Work

An MITM attack occurs when a criminal intercepts the communication between the ATM’s
internal computer (the CPU) and its hardware components. Here’s how an attack typically
unfolds:

• Physical Access: Using a universal manufacturer key, which can be bought easily
on the gray market, the criminal unlocks the “top hat” (upper section) of the ATM.
• Interception: They physically disconnect the cables between the PC and the cash
dispenser, inserting a rogue device (often a small “black box” or laptop) in between.
• The Jackpot: This rogue device sends a direct command to the dispenser to empty
the cash vault. Because this bypasses the traditional banking network, no
cardholder accounts are touched and no alerts are triggered at the host level.

The attack often happens after hours, and unfortunately, no one is made aware until a
cardholder attempts a withdrawal and is denied due to a lack of funds in the ATM. The
system still thinks it has cash because the link between the CPU and ATM hardware was
cut when the cash was removed.

Universal Access Presents Vulnerabilities

It’s a frustrating reality of the industry: Most ATM manufacturers use standardized keys for
the top hat enclosure. While this was designed for the convenience of maintenance
technicians who may service dozens of machines a day, it has created a massive security
loophole that criminals are now exploiting with precision.

While deterrents like sirens, strobes and silent alarms can help, they are often just hurdles
for a determined criminal. The real solution lies in the architecture of the ATM’s
communication and the expertise of the operator managing the fleet.

These attacks can be devastating for a credit union of any size, because once a
vulnerability is found, criminals immediately look for other ATMs in the credit union’s fleet
they can attack next. And, they can hit several ATMs in just a few hours.

Secure Your Fleet with Dolphin Debit Access and CU*SOUTH

Protecting your credit union shouldn’t be a DIY project or a hidden expense. Rather, you
need an ATM operator that implements proactive defense parameters, including encrypted
communications and advanced hardware monitoring, without charging you out-of-pocket
for every necessary security upgrade.

CU*SOUTH is proud to partner with Dolphin Debit Access, a national leader in ATM-as-a-Service. Dolphin Debit manages the entire lifecycle of your fleet, providing state-of-the-art processing and security that leads the nation in protecting financial institutions from both
physical and digital threats.

Contact your CU*SOUTH representative at (251) 317-3888, or fill out a form from Dolphin
Debit’s listing on our Preferred Provider page, and we’ll coordinate a meeting with the
experts at Dolphin Debit to review your current security posture and discuss how a
managed solution can reduce your capital expense while fortifying your credit union
against the latest ATM attacks.

Joe Woods, CUDE, has spent more than 20 years serving the financial services industry. As
SVP, Marketing & Partnerships at Dolphin Debit Access, Joe helps serve credit unions
across the U.S. through a turnkey program designed to eliminate capital cost and reduce
the operating expenses and headaches of managing an ATM fleet.

Danny Phillips has more than 20 years of credit union experience and expertise in lending,
risk analysis, underwriting and team development. With a track record of creating new loan
products, building departments from the ground up, and optimizing operations across
lending, compliance and marketing, Danny is dedicated to driving growth and enhancing
client experience at CU*SOUTH as the Senior Vice President of Client Experience.

All News