We will present a summary of the different types of ATM cash out attacks, which we have investigated. The session will include the ingress point, lateral movement in the network, and how the intruder was able to achieve his objective. Post, we will present some statistics regarding PCI DSS controls, which were missing in the environment. Lastly, we will conclude with the best practices which the industry can implement to detect this type of incident at an early stage.