FBI Warns of Surge in ATM “Jackpotting” Attacks: $20 Million in Losses Reported in 2025 Alone

The FBI has issued a new FLASH alert warning financial institutions and ATM operators of a significant rise in malware-enabled ATM jackpotting attacks across the United States. Jackpotting involves criminals using malware and physical tampering to force ATMs to dispense cash without accessing customer accounts.

According to the FBI, since 2020, approximately 1,900 ATM jackpotting incidents have been reported nationwide. Alarmingly, more than 700 of those incidents occurred in 2025 alone, resulting in over $20 million in losses. The FBI is encouraging financial institutions to review the indicators of compromise, strengthen physical and software safeguards, and implement recommended mitigation strategies immediately. You can review the entire FLASH alert here.

According to the alert, physical indications of jackpotting include:

• ATM door open alerts outside of planned maintenance schedule
• Low/No cash indicators outside of expected use schedule
• Unauthorized devices plugged into the ATM
• Removal of hard drives from ATMs
• ATM unexpectedly out of service

Mitigations strategies from the FBI include:

• Conduct a review of physical ATM security, including lock mechanisms and service key control.
• Implement tamper detection and real-time monitoring where possible.
• Train staff and vendors on emerging jackpotting tactics.