A glitch caused by a software update that was undetected for six weeks allowed casino customers to take $3.2 million from a faulty machine at The Star in Sydney.

An inquiry into The Star casino this week heard that bad software underpinning four “ticket in, cash out” machines allowed customers to withdraw millions of dollars – that they had not earned – midway through last year.

The software glitch was in place for six weeks before it was detected by The Star staff in a “very significant failure” by the casino operator.

Ticket in, cash out (TICO) machines are ATM-like kiosks in casinos that allow customers to convert their winnings on machines such as pokies into cash.

To do this, they simply insert a voucher with a barcode produced by the gaming machines into the TICO machine, with cash produced.

It allows customers to receive their winnings without any human interaction, with winnings capped at $2,000 in an effort to mitigate money laundering risks.

The inquiry heard that in June and July last year, a software defect in these machines allowed customers to insert two vouchers into them and receive cash back, and then also receive one of the vouchers back again to be reused again.

This allowed customers to continuously reuse the voucher without having actually won this money.

“What occurred was small additional amounts of cash were being provided to customers in circumstances when they shouldn’t have received it because of that defect,” The Star Sydney special manager Nick Weeks told the inquiry this week.

This glitch was not detected by the casino, but word spread quickly among customers about the free cash trick, with 43 people using the faulty machines to withdraw a combined $3.2 million over a 13-day period.

An investigation into the incident identified “numerous failures” by humans, processes and technology that led to this not being found out for six weeks.

“What this incident identified to me was the cultural problem in parts of the casino in relation to the level of rigour through which controls are followed, the level of care in which work is conducted and the desire from people in the business to drill down on things in circumstances where they don’t appear that they are correct,” Weeks told the inquiry.

Going after the customers

According to the Sydney Morning Herald, The Star reported its own customers that had taken cash through this trick to the police, with several individuals arrested.

According to the report, one recovering gambling addict visited The Star in early July last year to see a friend.

She ran into a friend’s boyfriend who told her about the glitch, and she proceeded to withdraw a total of $57,265 over 10 days from the faulty machines.

This individual has now been arrested over the incident, with her lawyer Natalija Nikolic arguing that the blame lies at The Star’s feet.

“They were giving away $3 million and didn’t even notice – a system so evidently lax that it is a honeypot for money launderers,” Nikolic told the newspaper.

“In our view the worst offending in this whole scenario could be laid at the feet of Star for these negligent breaches.”

The Star Sydney was approached for comment but had not replied by time of publication.