[AndyKelley]

In other words, he did some kind of internal hacking to install his code - illegally bypassing the code review process.

[bdunbar]

Maybe? I can only speculate that the hack wasn't in the code at all, but something he installed on the individual ATM.

"Oh, look: you can login to the ATM after installing the code. Hey what if I ..."

If so he didn't bypass the code review so much as skip around it, whistling a jaunty 'nope nothing illegal here' tune.