A man has been arrested on suspicion of masterminding a £1.6 million cyber raid on cash machines across the country, including several in Yorkshire.
A 37-year-old man is being held by detectives in Portsmouth after the seven-figure haul went missing from a string of dispensers.
Detectives believe an organised crime gang from eastern Europe inserted a computer virus into cash machines in locations including Brighton, London and Liverpool.
Devices in Blackpool, Doncaster and Sheffield were also targeted, City of London Police said.
A suspect arrested on suspicion of conspiracy to defraud is currently in custody. An address in Edmonton, north London, is also being searched as part of the operation.
Detective Inspector Dave Strange said: “An extensive, intelligence-led investigation has uncovered what we believe is an organised crime gang systematically infecting and then clearing cash machines across the UK using specially created malware.
“Cyber-enabled crime presents a major threat to our public and private sectors and to an increasing number of citizens.
“The only way to tackle this is by law enforcement and counter fraud agencies working in alliance, which is exactly what the London Regional Fraud Team and National Crime Agency (NCA) have done over several months culminating in today’s arrest.”
Police said each machine was physically broken into and infected with malware before large amounts of cash was withdrawn.
Detectives believe the malware subsequently deleted itself, making it difficult to identify the cause of the attacks. The physical nature of the attacks meant customer data was not compromised.
Nigel Kirby, deputy director for the NCA’s economic crime command, said: “The NCA provides specialist support to partners to present a collaborative response to serious and organised crime.
“This operation represents a significant disruption against a sophisticated criminal enterprise who used specialist malware to target cash machines and steal large quantities of cash.”