Regarding the recent multi-person ATM scam one line stuck out as especially scary from a data integrity perspective:

Somehow the group managed to remove the daily withdrawal limits usually imposed on the cards and accounts, allowing for multiple large withdrawals to be made.

Meaning that the team that managed to hack the system, were able to change more than just the data but also the rules of the system. If they were able to do that, it’s safe to assume they may have been able to tamper with records and safety audits to cover their tracks. There may be no way to determine which records in the system are legitimate clues and which have been altered.