1230 PST: The hotfix was successful but we are still experiencing a bottleneck with EJ records that will need to be resolved overnight. Next update by 0700 PST Thursday 6/11/26.
1200 PST: EJ Archiving still working through backlog. Next update by 1300 PST.
1100 PST: EJ Archiving still working through backlog. Next update by 1200 PST.
1000 PST: Hotfix successfully deployed. Terminal Status functionality restored. EJ Archiving is working through a large backlog, Electronic Journal Archiving and SAN will continue to be degraded until this process completes. Next update by 1100 PST.
0915 PST: Hotfix is being deployed to production. Next update by 1000 PST.
0900 PST: We believe we have identified the cause of the EJ Archiving issues and are working to resolve the negative interaction. Next update by 1000 PST.
0845 PST: We are aware of a degradation in performance for our Electronic Journal Archiving service that is affecting multiple services at this time. The RemoteView ATM Journal and Transaction pages, ATM Dashboard Terminal Service and SAN-SCM and SAN-FDE are all affected as a result of the EJ service interruption. Our team is actively troubleshooting the issue. Next update by 1000 PST.
We have received multiple reports of an increase Man in the Middle (MITM) attacks targeting ATMs in the Pacific Northwest and across the United States. All ATM manufacturers are susceptible to this type of attack which targets the physical network infrastructure. A key difference with this current round of MITM attacks is they can defeat basic TLS 1.2.
We recommend the following actions are taken immediately:
· Verify top hat of ATM is alarmed and create a response plan for active alarms to include historical footage review.
· Contact your ATM Host to confirm availability of TLS 1.2 Enhanced.
· Confirm BIOS and firmware are up to date with the latest security releases.
· Verify HDE encryption is enabled on all ATMs.
· Inspect for tampering daily.
· Increase monitoring through Command Center or other remote management tools.
· Report any suspicious activity to the NOC immediately.
These attacks are highly coordinated and often occur after hours. Quick reporting and verification of system integrity are critical in preventing losses. For RVATM users you can confirm HDE, BIOS version and TLS 1.2 Enhanced via Command Center. If you have any questions, please open a ticket with our Support team by visiting cc.cooksolutionsgroup.com or via email at Support@cooksolutionsgroup.com.