Seconded. Diebold (specifically, Opteva line) run plain old Windows XP. Some of them run Win XP Embedded. All of the "peripherals" in this case such as the cash dispenser, card reader, depositor if equipped, etc are just USB devices. The computer is NOT in the vault portion of the ATM, so if you can get into the flimsy door, you can get access to the computer.
If you know the passwords (they are surprisingly easy
I'm not sure why Diebold picked Windows, I would have preferred Linux of course, or perhaps back in the old days when the ATM wasn't a general purpose computer - it was a board with discrete circuitry and firmware. Everything to the network may be 3DES encrypted, but since it's Windows just get yourself a piece of malware on there and capture everything. Come back, retrieve the data, make yourself some cards, PROFIT. Of course, this required physical access.
The older model ATMs (like the Cashsource Plus 200/400) still run eComstation (OS/2) and can connect via modem (really just serial) or TCP.
NOT posting anonymously either. It's not like it's some big secret. If they secured their stuff, they wouldn't have to worry about it.