Bizarre. But the article outlines a lot more vulnerabilities. Seems like every part of this device is poorly secured.

IOActive’s hacking technique exploited glaring security vulnerabilities they found in the shufflers, the researchers say: They bought their own Deckmates for testing from second-hand sellers, one of whom told them a password used for maintenance or repair. They found that this password and others they extracted from the Deckmates’ code were configured in the shuffler with no easy way to change them, suggesting they likely work on almost any Deckmate in the wild. They also found that the most powerful “root" password to control the shuffler—which, like all the Deckmate’s passwords, they declined to publicly reveal—was relatively weak.

This is just ridiculous / hilarious.