Web version / Mobile version



LP, AP & Cybersecurity's #1 News Source




























GROC 13th Annual Retail Crime Conference

Black Hat USA 2023
August 5-10

GSX 2023
September 11-13

APEX Conference
September 13-15

October 2-4

See More Events











It's 'CIS Week' on the D&D Daily!

Follow along in the 'Vendor Spotlight' column below as CIS Security Solutions showcases solutions for the retail industry

Leading Multi-brand QSR Franchiser, BRIX Holdings, Chooses Interface to Streamline Network and Security Operations at All Locations

Interface will deploy standardized restaurant technology solutions at Friendly's, Red Mango Cafe, Smoothie Factory + Kitchen, Souper Salad, Orange Leaf, Humble Donut Co, Greenz, and Pizza Jukebox

St. Louis, MO (June 13, 2023) - Interface Systems, a leading managed service provider of business security, actionable insights, and purpose-built networks for multi-location businesses today announced that BRIX Holdings ("BRIX"), a leading multi-brand franchising company that specializes in the "better-for-you" QSR segment, has chosen Interface to deploy managed network, business voice, PCI compliance, business security, and business intelligence solutions for all their franchise locations, including Red Mango Cafe, Smoothie Factory + Kitchen, Souper Salad, Orange Leaf, Humble Donut Co, Greenz, Friendly's and Pizza Jukebox.

Interface's solutions enable BRIX to offer its franchisees a modern and proven technology template that can be replicated with ease at any number of locations consistently. By choosing Interface's suite of managed services, BRIX has laid the foundation to accelerate expansion and offers franchise operators a proven technology model to run successful businesses.

Read more here

The U.S. Crime Surge
The Retail Impact

House Subcommittee Hearing on Organized Retail Crime - Today
The Rise in Organized Retail Crime and the Threat to Public Safety

Date: Tue, 06/13/2023 - 2:00 PM
Location: 2141 Rayburn House Office Building

The House Judiciary Subcommittee on Crime and Federal Government Surveillance will hold a hearing on Tuesday, June 13, 2023, at 2:00 p.m. ET. The hearing, "The Rise in Organized Retail Crime and the Threat to Public Safety," will examine the rise in organized retail crime that is causing businesses to close and endangering the public. Criminals who engage in organized retail crime are emboldened by leftist rogue prosecutors, progressive bail reform laws, and other soft-on-crime policies in Democrat-run cities.


• Attorney General Kris Kobach, Kansas
• Lorie Mohs, Mother of Blake Mohs, organized retail crime victim Murdered at Home Depot
• John Milhiser, former U.S. Attorney, Central District of Illinois

Subcommittees: The Subcommittee on Crime and Federal Government Surveillance house.gov

NRF worked closely with committee staff and provided the opportunity for several retailers to talk to staff on background about the ongoing challenge of ORC. NRF also submitted a written statement for the record
which can be viewed here. NRF continues to encourage members to send letters of support of the Combating Organized Retail Crime Act (S. 140/H.R. 895). nrf.com

Stand up against organized retail crime.

Send a message to Congress today!

TODAY: Congressional hearing about organized retail crime

A key congressional committee is holding a hearing today to discuss the rise in organized retail crime and how it threatens public safety. It is crucial to voice your concerns to your representatives in Congress and urge them to act.

Join NRF in calling on Congress to address rising retail crime by passing the Combating Organized Retail Crime Act. This bipartisan bill enhances federal coordination for law enforcement, targeting crime gangs that harm retailers and jeopardize public safety.

Together, we can make a difference. Stand up against organized retail crime by showing your support today.

SEND A MESSAGE: https://www.votervoice.net/NRF/Campaigns/98241/Respond
This may be our only chance to help get this passed. The CEOs have stood up. Now it's time for everyone in this industry to Stand Up and Be Heard by Sending the Message above!

NRF Urges Congress to Advance ORC Legislation Ahead of Hearing
WASHINGTON - The National Retail Federation today urged Congress to formally advance the Combating Organized Retail Crime Act, which would amplify resources and coordination among federal, state and local law enforcement agencies to address ORC. The House Judiciary Committee's Subcommittee on Crime and Federal Government Surveillance meets tomorrow at a hearing entitled "Rise in Organized Retail Crime and the Threat to Public Safety" to examine the impact of ORC on communities nationwide.

NRF submitted a written statement for the record in advance of the hearing detailing the growing negative impact of ORC on American businesses, workers and consumers.

According to the statement:

"Retailers' foremost concern with ORC activity is the safety of retail workers and their customers. Individuals and groups committing these crimes have used threats and acts of violence, including the use of weapons, to aid theft. Eighty percent of retailers noted an increase in violence and aggression by customers toward workers in 2021. Extremely concerning is the depressing fact that several retail workers have been killed during recent theft incidents - including trained security personnel as well as retail workers serving in customer-facing roles.

"As more acts of blatant and deadly thefts take place in stores, the consequences are apparent for both retailers and consumers alike. Both store associates and customers are being harmed and threatened. Shoppers are now seeing everyday items like toothpaste and dish soap behind lock and key. Retailers know it is an inconvenience for customers. The anti-theft security measures can lead to lost sales from customers who must wait for an employee to unlock a cabinet so they can access a product. As the theft of merchandise continues, the cost of securing those items skyrockets. Retailers already operate on very slim margins and can only absorb so much cost to remain profitable."

The testimony also cited NRF's latest research on retail crime, which shows retail loss is a nearly $100 billion problem and growing. Another study cited from NRF and global risk advisory firm K2 Integrity found that ORC groups are growing in both their scope and complexity, making them harder to stop. Both reports highlight the need for federal solutions like the Combating Organized Retail Crime Act.

The hearing follows last week's NRF PROTECT event, where more than 2,000 retail professionals convened in Grapevine, Texas, to examine the loss prevention community's most prominent issues, including ORC. In a flash poll during the event among 232 retail professionals, 90% said ORC is more of a risk to their business than it was three years ago.

As the leading authority and voice for the retail industry, NRF has spearheaded industry efforts to address ORC, including support for the now-enacted INFORM Act, which takes effect on June 27. The organization has also launched a national grassroots campaign in support of the Combating Organized Retail Crime Act. nrf.com

Retailers Battle Crime As The Government Continues to Fall Short
With new anti-theft stores, companies step in where governments are missing
Concepts like the new Walgreens anti-theft store mark a further shift in responsibility for managing criminal behaviour to the corporate world from government. Increasingly, companies, particularly retailers, are tasked with making sure law-abiding customers can still get essential services - such as access to pharmacies - without being victimized by bad apples.

The problem is, dealing with crime is not Walgreens' job or the job of the private sector in general. It's the government's job, and that's why we pay taxes to fund law enforcement.

Theft and violence against retail employees - and even customers - have risen sharply in Chicago, New York, San Francisco, Los Angeles, Seattle and other cities. The main culprits: roving bands of marauders whose smash-and-grab methods make up a new commercial threat called organized retail crime.

So prevalent is the problem that many retailers have pulled out of troubled urban neighbourhoods after efforts to improve store security using advanced electronic surveillance, product monitoring and more security guards has failed.

The list of departures is the longest in San Francisco
. Old Navy recently said it would close its flagship Market Square location after three decades because of losses and concerns about employee safety. The clothier's move follows closings by T-Mobile, Whole Foods, Nordstrom, Office Depot, Starbucks and Anthropologie, among others. Target and others are restricting nighttime hours at downtown stores for security reasons.

To be sure, the risk for Walgreens is in alienating customers in an effort to reduce the cost of theft. Win or lose, the company deserves some credit. For all the bad press companies get about putting performance ahead of people, this is one example of how a company is finding new ways to manage the unpleasant reality of modern urban life and serve its communities, particularly those that are under-resourced.

The nuclear option is for Walgreens to do what so many retailers have done - pull out all together. If the company did that, the South Loop neighbourhood would be left without an important source of essential services. That doesn't seem like a people-first option at all. theglobeandmail.com

Backlash to CA Bill That Prohibits Employees From Confronting Shoplifters
Opinion: California's proposed shoplifting law would be a disaster
Few would deny crime is a growing concern in the Golden State, especially in major cities. The culture has caused companies such as Walgreens, which shuttered 22 stores in San Francisco alone over a period of five years, to cease doing business in many of these locations. Many accused Walgreens of "crying wolf" on the matter of retail theft, and California lawmakers recently made it clear they don't take the matter seriously.

Earlier this month, the California Senate passed Bill 553, legislation that would discourage retail store employees from confronting shoplifters. The legislation - passed weeks after a Home Depot security guard was shot and killed during a Pleasanton, California, robbery - is designed to protect employees, supporters say, by forbidding employers from instructing employees to confront shoplifters.

The legislation would be disastrous. A law that would prohibit employers from telling their employees that customers are not allowed to take whatever they want without paying would clearly incentivize shoplifting. It would further promote the culture Fuller described, one in which it is viewed as "optional" to pay for things.

This is the culture that is driving companies out of California. It's not just crime or high taxes or pandemic mandates. It's a culture that shows disdain for property rights, which are the wellspring of all human rights and a pillar of civilization.

California lawmakers have shown utter contempt for property rights for years. Making it illegal for employers to instruct employees to stop customers from stealing is just the latest example.

Until California changes this culture and demonstrates it respects the property rights of people and businesses, it will continue to decline. washingtonexaminer.com

Funding Retail Crime Sting Ops & Two Positions to Track and Help Prosecute ORC
Oregon ORC Bill Update: Retail Theft Funding Measure Advances
Two funding bills that are part of the organized retail theft package are moving through the process. SB 900, which would set up a grant program available to local governments to bolster retail crime sting operations, moved through the Joint Committee on Ways and Means June 2. Its companion bill, SB 318, would fund an analyst and two investigator positions within Oregon Department of Justice to help coordinate prosecution of organized retail theft. It has been assigned the public safety subcommittee of the Joint Committee on Ways and Means, a sign that it's moving forward. A vote for that bill should happen in the next week or two, though both bills ultimately would have to pass the paralyzed Senate. oregonbusinessreport.com

Bill to Fight Gun Store Smash & Grabs Introduced in the Senate
New legislation cracks down on 'smash-and-grab' gun store robberies
A bill to toughen penalties for "smash-and-grab" thefts at federally licensed gun stores has been reintroduced. Sen. Shelley Moore Capito, R-W.Va., joined 22 of her GOP colleagues, led by Sen. Lindsey Graham, R-S.C., to reintroduced the Federal Firearms Licensee (FFL) Protection Act of 2023. The legislation would address the unacceptably high number of "smash-and-grab" thefts targeted at federally licensed gun dealers by enhancing penalties for criminals who steal firearms from federally licensed firearms and ammunition dealers. "Burglaries of gun dealerships continue to rise, which is why we must put solutions forward that deter these would-be criminals from committing these robberies and endangering our communities," Capito said in the announcement. "I'm proud to support this legislation that implements swift and strong penalties for these crimes, and further protects our communities." The act would increase the statutory maximum penalty for knowingly stealing any firearm in an FFL's business inventory from 10 to 20 years; impose a mandatory minimum sentence of three years for burglary from an FFL and five years for robbery from an FFL; and criminalize the attempted theft of a firearm from a licensed importer, manufacturer, dealer or collector.  news.yahoo.com

Highest Number of Jewelry Industry Crimes Ever Recorded
Jewelry Industry Crimes Hit Record Level in 2022, JSA Reports
JSA has released its 2022 Annual Crime Report which described how the number of Crime against the U.S. jewelry industry reached a record level in 2022. The total number of crimes committed against U.S. jewelry firms was 2,211 - the highest number of crimes JSA has ever recorded, according to a press release. The number of crimes in 2022 represented an increase of 31.1% from 2021, when 1,687 crimes were reported to JSA. "Soaring crime needs to be a concern for the entire diamond, jewelry and watch industry," said John Kennedy, president of JSA. "This Report can help jewelers become better prepared for the dangerous crime risks they face every day, and can alert law enforcement agencies to the serious crime risks of the jewelry industry."  instoremag.com

NY lawmakers pass controversial bill to seal most criminal records
The long-debated controversial Clean Slate Act - which will automatically seal most criminal records - has passed both houses of the state Legislature.

The legislation, which still must be signed into law by Gov. Kathy Hochul, wipes a New Yorker's conviction record clean three years after sentencing for misdemeanors, and eight years for felonies. nypost.com

Here's How Long It Took To Buy Locked Up Basic Items in San Francisco Stores

NYPD Commissioner Keechant Sewell resigns

Research sheds light on the costs of mass shooting injuries


Employers Must Discuss Trauma Strategies Amid Rising Violence
Do Workplaces Need to Discuss Trauma?

When talking to employees about an event, tell the truth while respecting confidentiality, and only share what is absolutely necessary.

Workplace shootings continue to increase. In 2023 more than 100 mass shootings have occurred in the U.S. according to the Gun Violence Archive. Behind those numbers are victims as this grim document from Statista shows. Along with the horror, what about the trauma experienced by employees involved in these incidents?

In an article in Harvard Business Review, Katharine Manning, president of Blackbird DC, a training company, talks about what employees expect of their employers.

When we are in a period of crisis, many of us look to our institutions to support and protect us. If they fail to do so, or if they take steps that we fear will harm us or those we care about, that can create a second injury, called an institutional betrayal.

Thus, if we fail to respond appropriately in our work with those experiencing trauma, we can add a second injury to the first. But if we respond well, we build trust and connection. Either way, the manner in which we support each other in times of crisis will reverberate in our organizations for many years to come.

There are steps employers can take including these strategies offered by Workplace Response.

Acknowledge what happened - Address that an event or situation occurred that impacts workers and the workplace. The key to this step is to check in and take the lead of the survivor or person who has experienced or is experiencing harm or trauma. Be open and available to the person experiencing trauma or violence, and take their lead. Their safety and privacy are most important.

Practice Emotional Intelligence - Try and let go of this solution-oriented mindset and approach with empathy, compassion, and active listening. Let people know that you are here for them and will be supportive in the ways that feel supportive to them.

Be aware of the signs and side effects of trauma and stress - When these signs are present, reconnect, engage, and offer support. As you help others, remember that you also deserve space to process and receive support. You do not have to "have it all together" all the time. ehstoday.com

Target Bomb Threats Continue to Make National Headlines

Target Continues to Get Bombarded with Bomb Threats
Locations in at least five states were evacuated this weekend

Target stores see more bomb threats over Pride merchandise
Target stores in at least five states were evacuated this weekend after receiving bomb threats. Though no explosives were discovered, the incidents tie into the backlash over the retail chain's Pride Month merchandise.

The threats Saturday in parts of Oklahoma, New York, New Hampshire, Vermont and Louisiana mirror those made in recent weeks in Ohio, Utah and Pennsylvania. In most instances, unknown individuals emailed the threats to local news outlets. The FBI and the regional Joint Terrorism Task Force have been assisting with the investigation in some jurisdictions.

Law enforcement investigated the threats and determined the stores are safe, Target said in a statement. All stores are "currently open and operating regular hours."

News outlets in Vermont, New Hampshire and New York received the same threatening email Saturday, according to South Burlington Police Chief Shawn Burke. The message, which accused Target of betraying the LGBTQ+ community, named a store in South Burlington, Vt., and ones in Plattsburgh, N.Y., and in Keene and West Lebanon, N.H.

Burke said his officers helped evacuate the store and do a "cursory search to render the store safe," which lasted about 25 minutes. washingtonpost.com

NRF Responds Amid Pride Month Threats
NRF Statement on Store Safety
WASHINGTON - The National Retail Federation has provided the following statement regarding store safety.

"Acts of violence - real or threatened - by those who seek to bring attention to themselves and their cause have no place in retail stores.

"The number one priority for retailers is ensuring the safety and security of both customers and workers. Retailers provide their teams with trainings to prevent or de-escalate situations that may result in confrontation. Also, they are close partners with law enforcement who help support them when situations may escalate.

"Threats, violence and protest will not deter a retailer's commitment to protecting the health and safety of the customers they serve and the people they employ." nrf.com

   Click here to read the D&D Daily's Special Report over recent retail bomb threats

More Highlights from NRF PROTECT 2023
The Vitamin Shoppe follows a people-first path to positive results

NRF PROTECT: Chief Operating Officer Andrew Laudato on building a safe environment for innovation

It's possible to innovate in a way that values safety and security, he said. Build cybersecurity into the innovation process from the beginning, and identify and prioritize risks up front and early.

Leaders should foster communication and cooperation between the innovation teams and cybersecurity experts. And they must continuously monitor emerging threats and technology.

But the best way retailers can create an environment where innovation thrives is by putting people before technology.

"It's all about the people," he said. "Companies don't innovate, people do." When he's hiring, Laudato looks for four key attributes - integrity, intelligence, ambition and temperament. "This may seem aspirational, but you can teach someone the technology, the process, project management, but you can't teach them these attributes."

After that, it's up to retail leaders to keep those people. "There's nothing more important - no matter what your job is - than hiring the best people, making them feel safe and then taking really good care of them. It's expensive to hire and hard to find good people. You've got to keep them." nrf.com

Facial Recognition's Continued Expansion to Boost Safety & Security
Detroit Metro Airport's TSA implements facial recognition technology for faster, safer screening process
TSA is relying on facial recognition technology to not only speed up the screening process but also to keep travelers safe. As the summer travel ramps up, officials have an important reminder about something you must do before heading to the airport.

A faster passenger screening known as CAT-2, which stands for Credential Authentication Technology, is a machine that is quick and efficient with its process. The device validates a passenger's I.D. without those few extra minutes of a TSA agent looking at your I.D., looking at you, looking at Your I.D., and so on.

The TSA Federal Security Director for Michigan states that this will be a time saver and says that images of your I.D. will not be stored. The machine is used for onsite verification. clickondetroit.com

Inflation cools sharply in May to 4%, lowest in 2 years
The Labor Department said Tuesday that the consumer price index, a broad measure of the price for everyday goods including gasoline, groceries and rents, rose just 0.1% in May from the previous month, far lower than the 0.4% increase recorded in April.

Prices climbed 4% on an annual basis, slightly below the 4.1% increase forecast by Refinitiv economists. It marked the slowest pace of inflation since March 2021. foxbusiness.com

Ollie's raises outlook, plans to open 45 new stores in 2023

Westpac to layoff 300 workers in business and retail unit, says trade union

Despite recent losses, DOJ doubles down on antitrust enforcement

Quarterly Results

Ollie's Bargain Outlet Q1 comp's up 4.5%, total net sales up 12.9%

Senior LP & AP Jobs Market

Senior Loss Prevention Director job posted for Draeger's Supermarkets, Inc. in South San Francisco, CA
Conduct store surveillance via CCTV and sales floor. Safely detain shoplifters when necessary. Protect company's assets by conducting internal and external investigations using data analytics (Hawkeye). Shrink Management - Identify shrink caused by fraud, theft, operational errors, and policy violations, etc. Produce and submit detailed reports supported by facts and evidences in a timely manner. Implement metrics: areas of loss, remediation, strategy. indeed.com

All the News - One Place - One Source - One Time
Thanks to our sponsors/partners - Take the time to thank them as well please.
If it wasn't for them The Daily wouldn't be here every day for you.







Fighting ORC with Gen6 SP


2021-2022, ORC was rising in alarming numbers. The US Government finally took notice. Retailers were searching to increase security for their high-end products, keep the brazen ORC mobs from stripping their stores and asked the Solution Providers to help them. Some called CIS Security Solutions. We acted immediately and started modifying the Gen6 alarming tethers. We needed solutions that would give a good Customer Experience, yet still stop the gangs from sweeping departments of expensive handbags and other merchandise.

We created two new Gen6 versions at the request of our clients, modifying those in 2023 to integrate with our other alarming products. This larger alarming recoiler has 98 dBl alarm, IR protection, 49-strand flexible steel cable with 120 lb. pull strength, and a thick poly sleeve making it harder to cut, and it is visually deterring. It has ALL the benefits of sustainability with replaceable parts, batteries, ease of use, and it WORKS!

In 2022 Gen6 had two Smart versions - Smart Padlock (SP) and Smart Release (SR). These allowed you to deactivate and release the merchandise with one push of a button on the decoder. Innovative, time saving, labor saving and now in 2023 we are finding ways to integrate the Gen6 with the CIS Tick-R-Tape Tag and a brand new Smart Padlock.

Our latest Gen6 SP will enable you to secure and tether outer wear and boxed goods, etc. Attaching the Gen6 SP to the Tick-R-Tape Tag will allow you to tether larger items in boxes like vacuums and tools, still protecting from theft even when the box is detached from the tether. The Tick-R-Tape Tag can be used by itself, with one or two pieces of tape to secure it to the packaging and will activate if the tape is cut, tampered with, or lifted from the box, and it will also activate the EAS pedestals. The Gen6 will alert if the tether is cut or the recoiler is lifted from the fixture. Both the Gen6 and Tick-R-Tape Tag will alert if an unauthorized detacher is used.

Let's fight ORC together! CIS's line of Gen6 alarming tethers can accommodate your needs: Make it harder to steal items protected by Gen6, a tether strong enough to pull a Jeep, a detachable EAS Padlock Tag, and disarm and release from the Smart Release lock.

Call 772-287-7999 for more information or visit www.cisssinc.com.







To Pay or Not to Pay - That is the Question for Leadership & Security Teams
The FBI Could Help Retrieve Your Data After a Ransomware Attack
The recommendation from the FBI is to not pay, stating on its website that "paying a ransom doesn't guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity."

And the FBI could play a role in ensuring you avoid paying the ransom and get your data back without having to deal with the cybercriminal gang.

Tools Unavailable to Most Organizations

One of the first things an organization should do if they are hit with a ransomware attack is contact the FBI. It's not just because a ransomware attack is a crime-although that is a compelling reason. It's because law enforcement agencies have tools that can help you get your stolen or encrypted data back.

Perhaps one of the most eye-opening messages at RSA this year was the revelation that the FBI has the ability to decrypt data held for ransom. (If it had been mentioned once, it would have raised some questions, but the advice could have easily been dismissed. But this was repeated in a number of ransomware-related sessions and by a couple of keynote speakers.) As was mentioned more than once, the FBI has access to the encryption codes for a number of ransomware variants and, as at least one speaker suggested, ransomware gangs are lazy and rarely bother to change encryption keys.

In a document aimed at CISOs and security teams, the FBI stated that law enforcement has access to tools that most organizations do not and can enlist the assistance of international partners to help retrieve data. The document also pointed out that the FBI can conduct investigations that minimize disruptions and works closely with the organization to limit "unwarranted disclosure of information."

Emphasis on Victim Recovery

Ransomware has become so disruptive that the FBI has put a greater emphasis on victim recovery, Deputy Attorney General Lisa Monaco told The Record podcast.

This was evident in the FBI's recent takedown of the Hive ransomware variant. As the Department of Justice explained, "Since late July 2022, the FBI has penetrated Hive's computer networks, captured its decryption keys and offered them to victims worldwide, preventing victims from having to pay $130 million in ransom demanded."

In its focus on victim recovery, the FBI has shifted its strategy. The goal now is to disrupt the threat actors and cut into their revenues. To take down Hive, the FBI infiltrated the Hive crime ring's servers and "hacked the hackers." Much like threat actors would do, the FBI's team moved around Hive's server network and took over, so much so that they created decryption keys for victims of the ransomware attack.

Federal law enforcement is uniquely situated to be an ally to your organization's battle against ransomware. If "contacting the FBI to report ransomware attack" isn't on your post-attack procedure guidelines already, it should be added as one of the first things to do in the mitigation phase. Taking that step will go a long way in guiding your decision about whether or not to pay a ransom. Chances are favorable that you can recover your data with the FBI's assistance at no cost and little disruption. securityboulevard.com

Data Breaches Cause Significant Damage
DOS Attacks Dominate, but System Intrusions Cause Most Pain

In the latest Verizon "Data Breach Investigations Report," denial-of-service attacks are the most common type of security incident, but when it comes to breaches, nearly four-in-ten attackers compromise systems.

AdvertisementDenial-of-service attacks continued to dominate the threat landscape in 2022, but breaches - those security incidents that resulted in confirmed data loss - more likely included system intrusions, basic Web application attacks, and social engineering.

Out of more than 16,300 security incidents analyzed in Verizon's "2023 Data Breach Investigations Report," more than 6,250, or 38%, were denial-of-service attacks, while almost 5,200, or 32%, were confirmed data breaches. While the denial-of-service attacks were disruptive until they were mitigated - much of the data in the report came from DOS defense providers rather than victims - data breaches through system intrusions, web application compromises, and social engineering usually resulted in significant impacts on business.

The two top attack types in the report - DOS attacks and system intrusions - target different parts of the CIA (Confidentiality, Integrity, Availability) triad. System intrusions typically affect confidentiality and integrity, while denial-of-service attacks target availability, says Erick Galinkin, principal researcher at vulnerability management firm Rapid7.

The data highlights the differences in threat activities that become notable incidents and those that cause real harm to companies. The damage caused by the average ransomware incident, which accounted for 24% of all breaches, doubled to $26,000, according to the report. In contrast, only four of the 6,248 denial-of-service incidents resulted in data disclosure, the "2023 Data Breach Investigations Report" stated.

The report also underscored the fact that while patterns are informative, they can also vary widely, says Joe Gallop, intelligence analysis manager at Cofense, an e-mail security company.

More System Intrusions, Because More Ransomware - Employees Critical to Defense: darkreading.com

Threat intelligence programs poised for growth

Enterprise organizations will increase spending, investing in areas like threat intelligence distribution, digital risk management, and security technology integration.

CISOs clearly believe that further investments in threat intelligence programs can mitigate cyber-risks while improving threat prevention and detection. Over the next 12 to 24 moths:

Thirty percent of organizations will prioritize sharing threat intelligence reports more readily with internal groups. This is a step in the right direction as threat intelligence has value beyond the security operations center (SOC) for alert enrichment.

Twenty-seven percent of organizations will prioritize investing in digital risk protection (DRP) services. As organizations expand their digital footprints, they need a better understanding of the accompanying risks. DRP services provide this visibility by monitoring things like online data leakage, brand reputation, attack surface vulnerabilities, and deep/dark web chatter around attack planning.

Twenty-seven percent of organizations will prioritize integration with other security technologies. Beyond endpoints, email, and network perimeters, CISOs want CTI integration with cloud security tools, security information and event management (SIEM) and extended detection and response (XDR) solutions, and security service edge (SSE) tools like secure web gateways and cloud access service brokers (CASBs).

Twenty-seven percent of organizations will prioritize acquiring a threat intelligence platform (TIP) for threat intelligence collection, processing, analysis, and sharing. Once the exclusive domain of the largest enterprises, TIPs are slowly moving down market.

Twenty-six percent of organizations will prioritize developing a more formal program. Organizations realize they can no longer skate by on some open-source threat intelligence feeds reviewed by part-time threat analysts. Rather, they need staffing and processes to execute a full CTI lifecycle. csoonline.com

Fighting AI-Powered Fraud: Let the Battle of the Machines Begin
As cybercriminals tap the power of machine learning and generative AI to outwit fraud-detection systems, online fraud-prevention technologies must evolve accordingly.

Leveraging the power of the cloud, new malicious machine learning (ML) models offer the prospect of automating tasks that only humans could perform a few years ago.

How AI Can Help Fool Fraud-Detection Systems

Consider a typical fraud-mitigation system in a retail setting. Say a company sets a rule that in certain locations, transactions over $900 are automatically flagged for secondary verification. An ML tool could be programmed to calculate through trial and error the point at which high-value transactions are inspected. Then the adversary need only ensure their fraudulent transactions stay under $900 and are based in the right geolocation to avoid detection. What was once a time-consuming process becomes a simple matter of cloud-powered analytics.

Even sophisticated ML models can be probed and attacked for weaknesses by malicious AI. The more opaque AI systems become, the riskier they are to deploy in production settings. Humans will only have a limited understanding of their behavior and the outputs they might generate. Plus, to remain effective, they need to be trained on data from previous attacks. This combination make them vulnerable to exploitation when presented with a slightly different scenario. It only takes some targeted trial and improvement for malicious AI to learn those oversights and blind spots.

How Defenders Can Strike Back darkreading.com

Examining the long-term effects of data privacy violations

Researchers Report First Instance of Automated SaaS Ransomware Extortion







Ensuring Good VPN Security Hygiene

Companies commonly use an enterprise virtual private network (VPN) solution to connect remote employees to their organization's IT network. An increase in vulnerabilities are being found and targeted by malicious cyber actors during the current Coronavirus situation. It is vital to keep VPNs, network infrastructure devices, and devices being used to connect into work environments up-to-date with the latest software patches and cybersecurity configurations. Ensure you have good VPN security hygiene with these helpful articles from Cybersecurity and Infrastructure Security Agency (CISA): Understanding Patches and Securing Network Infrastructure Devices.




Amazon Delivery Route Turns Into Violent Scene from a Movie
San Antonio Amazon worker shot, injured in alleged road rage incident

Seven to 10 bullets hit the car.

An 18-year-old Amazon employee is on the mend after an alleged road rage incident on his way to work early Sunday morning, June 11, left him shot in the hand and leg, according to an news article published by KSAT 12.

The injured teen was driving his usual route to work a little after 2 a.m. on Sunday when what appeared to be a black Dodge Challenger started speeding, attempting to cut him off. The teen, who told KSAT 12 he wanted to stay anonymous, said he and the other car began exiting 151 onto Highway 90.

"I slowed down, he got on the right and he had rolled his window down. He started talking, so I rolled down mine," the injured driver said to KSAT 12.

When the teen rolled down his window, the driver of the Challenger pulled out a gun. The teen put up his hands and replied, "Chill bro, I am just trying to get to work," he recalled to KSAT 12.

The Amazon worker began to speed away before he heard the glass of his back window shatter from gunshots. The teen said seven to 10 bullets struck his car, hitting him in the hand and leg. The teen told KSAT, "I was screaming, 'No way, no way this is happening.'"

The teen was transported to a local hospital with non-life threatening injuries. He has since returned home from the hospital and wants to tell others to avoid dangerous drivers on the roads by ignoring them and not conversing with them, KSAT 12 said. mysanantonio.com

Easing Inflation Impacting E-Commerce
Online Prices Down 2.3% In May; Biggest Decline In Three Years
Online prices declined 2.3% year-over-year in May, the biggest drop recorded since the start of the pandemic, according to the Adobe Digital Price Index report released today.

The Adobe report is another sign that overall inflation is easing. In April, consumer price index inflation was below 5% for the first time since June, 2021. That downward trend is expected to continue when the May CPI numbers are released.

It also showed a continued trend away from big ticket items, as prices for staples such as groceries continue rise. The appliance category had its biggest price drop since Adobe began tracking digital prices in 2014. with appliance prices down 7.9% year over year.

That echoes recent findings from the Commerce Department's retail sales figures. For online prices, May was the ninth consecutive month of an overall, year-over-year decrease, according to Adobe. forbes.com

Netflix: Is Password-Sharing a Crime?
On May 25, 2023 streaming content provider Netflix began enforcing its policy prohibiting the sharing of Netflix accounts even among family members who are not members of the same "household"-meaning living together in the same house. It was always Netflix's policy to prohibit such account and password sharing-it's just that Netflix finally began enforcing the policy and requiring each separate account holder to have (and pay for) their own account.

Obviously, password sharing can (and does) deprive Netflix of a stream of revenue. Netflix is entitled to create a "one account, one login" or "one account, one household" policy as part of its revenue model and to enforce it. Sharing passwords and accounts can constitute "theft of services" or a breach of contract. If I sign up for cable TV, I can't connect a box to my neighbor and "share" my cable, but I can invite them over to my house to watch the Orioles (or Nats) game. Sharing cable or satellite is a crime. So, my giving my account login information to a third party could constitute theft, fraud, theft of services, etc.

But is it a "trespass?" The answer is complicated. securityboulevard.com

J.Crew's new app gives shoppers a 48-hour headstart on launches

Gen Z likes shopping in stores just as much as they do online, survey finds







Police investigating rash of jewelry store burglaries in NJ; 12 stores in 2 weeks
Police in Maplewood, Scotch Plains and Union are investigating a string of smash and grab burglaries that have impacted jewelry stores in New Jersey. The thieves ripped off about a dozen jewelry stores in these areas in just the past two weekends, with the most recent occurring Monday morning. At around 3:58 a.m., police responded to a call from an alarm company about multiple motion activations inside Union Jewelers Exchange on Route 22 in Union. Surveillance footage captured the thieves forcibly entering the front door, using a tire iron and a sledgehammer.They made out with thousands of dollars' worth of jewelry. According to Union Police Deputy Chief Scott Breslow, a dozen jewelry stores in the area have been targeted in similar instances, dating back to June 2nd. Among the mentioned, these other recent locations include Linden, Woodbridge, Middletown, Eatontown, Green Brook, Hainesport, Robbinsville, Long Branch, and Westfield.  abc7ny.com

Gurnee, IL: 4 suspects arrested for stealing thousands of dollars worth of products from Gurnee Mills mall
Four California residents were arrested after prosecutors say they stole thousands of dollars in products from the Nike store inside Gurnee Mills mall in Gurnee. Lake County Assistant State's Attorney Colleen McConnell said the Gurnee Police Department was called on May 30 to a retail theft at Gurnee Mills. Five suspects were reported to have stolen from the Nike Clearance Store. Officers observed surveillance video and saw several people enter the store with empty bags, McConnell said. The suspects placed merchandise into the bags and fled. The suspects got into a vehicle outside the store and the license plate was obtained, McConnell said. A license plate reader camera alerted officers days later that the same suspect vehicle was detected again at Gurnee Mills. McConnell said officers responded and located the same five suspects who were involved in the May 30 retail theft. They recovered approximately 100 pairs of shoes. The theft on May 30 resulted in a loss of $3,909 lakemchenryscanner.com

Manchester, CT: Masked juveniles caught burglarizing Macy's at Shoppes at Buckland Hills
Three juveniles were arrested at the mall in Manchester over the weekend after they allegedly tried to steal more than $7,000 worth of jewelry during a burglary, police said. Police were dispatched to the Macy's store at the Shoppes at Buckland Hills, at 194 Buckland Hills Drive, in the late evening hours Saturday after a loss prevention employee observed on the store's cameras three suspects wearing masks at the jewelry displays filling up backpacks with merchandise, according to the Manchester Police Department. Two of the suspects were taken into custody following a brief foot pursuit after the first officers arrived on scene, police said. A Connecticut State Police dog was called to the scene, as it was believed the third suspect was hiding somewhere in the store, according to police. South Windsor police helped establish a perimeter around the building before that suspect was located in the store.  courant.com

Linden, NJ: 4 Newark Residents Charged with Trying to Steal Over $5500 in Merchandise From Linden Kohl's

Lower Makefield Township, PA: Police investigating $2500 Retail Theft at Kohl's

View ORC Archives

Case Goes Public?
Share it with the industry

Submit your ORC Association News

Visit ORC
Resource Center



Shootings & Deaths

Visalia, CA: Footage released after clerk, 16-year-old dead in liquor store robbery
Footage from the Visalia store where two people were killed over the weekend has been released, showing the moment police say an armed 16-year-old pointed a gun at the two store clerks. The footage released Monday shows the 20-year-old clerk taking out his gun, and pointing it back at the armed robber. The then shows the robber running into the parking lot, where he collapses after being shot. The clerk was identified by the family as 20-year-old Krish Singh. Customers who knew him stopped by the EZ Mart Liquor Store on Walnut Avenue and Giddings Street on Monday to light candles and pay their respects.  yourcentralvalley.com

Denver, CO: NBA Finals: 10 wounded in Denver mass shooting after Nuggets win and suspect taken into custody
Ten people were wounded in a mass shooting early Tuesday in Denver in an area where basketball fans had been celebrating the Nuggets first NBA title win, police said, and a suspect was taken into custody. The shooting happened about 12:30 a.m. - about 3 1/2 hours after the game - and three of the injured were in critical condition, the Denver Police Department said in a statement. The suspect, a man, was one of the seven people who suffered injuries believed to be non-life-threatening.  ksat.com

Vancouver, WA: Fleeing Armed Robbery Suspect Fires on Wash. Police
Body camera footage released from a Vancouver police shooting last month shows an armed man running from officers in the lot of a busy Safeway store, pulling a gun and firing at one responding officer before he was fatally shot and collapsed on the parking lot pavement. Joshua James Willson, 43, of Vancouver, suffered multiple wounds to his chest, back and leg, according to the video, and was pronounced dead at the scene on May 30. Police said Wilson was a suspect in several armed robberies. Last month's Vancouver police shooting was the first to have occurred since the department equipped its officers with body-worn cameras in February.  officer.com

Robberies, Incidents & Thefts

Shawnee, KS: Man charged with attempted murder in knife attack on Johnson County store clerk
A 33-year-old man is charged with attempted murder after allegedly attacking a store clerk with a knife Friday afternoon in Shawnee. Johnson County prosecutors charged Amanjit Singh, of Arkansas, with a single count of attempted first-degree murder. He was being held Monday in the Johnson County jail on a $500,000 cash bond. On Friday, shortly before 1 p.m., Shawnee police officers were dispatched to Stonebridge Liquor at 6648 Nieman Road on a reported assault. The 47-year-old woman was taken to the hospital in critical condition Friday, police said, and told officers she was attacked by a man who had walked into the store. Police arrested a suspect later Friday afternoon south of Kansas City.  ca.style.yahoo.com

Lancaster, TX: 15 hospitalized after 'hazardous material leak' at Food Distribution Center
At least 15 workers have been taken to hospitals after a "hazardous material leak" at a warehouse in Lancaster, city officials said. The incident happened at a United Natural Foods (UNFI) distribution warehouse on Danieldale Road, near Interstate 20 and Interstate 35E. Hazmat crews from Lancaster, Ovilla, Grand Prairie, Cedar Hill and Glenn Heights responded to the area to investigate the reported leak. Officials have not confirmed the contents of the leak. The incident was initially reported as a possible ammonia leak. The warehouse was also evacuated, but officials added that 15 workers were affected enough by the leak that they had to be transported to a hospital for treatment. Their conditions are unknown at this time. In a statement to WFAA, UNFI said workers began smelling an odor believed to be ammonia around 12 p.m.  wfaa.com

Memphis, TN: Plexiglass blocks burglars at Memphis liquor store
Burglars trying to break into one Memphis liquor store met their match after the owner took extra steps to keep his business safe. Around 2 a.m. Monday outside Southwind Liquor, it was clear the burglars were intent on getting in. Store owner Boo Weeks said an outside video camera caught it all. "In the video, you can see him going down and pushing trying to find a weak spot," he said. Weeks installed it after his last break-in back in September. It was the ninth at one of his two stores. "I think we're probably leading the city in break-ins here or attempted with nine, so we had to do something because they were stealing anywhere from 12 to $20,000 a time every time they come in," Weeks said. Daniels Sorces with Accent Glass installed the plexiglass and said it's really hard to break. "It's a clear polycarbonate sheet material. It's similar to acrylic Plexiglas, but it has some properties to it that won't let it shatter when impacted with, said in this case, a hammer. It's actually fairly unbreakable," Sorces explained.  wreg.com

Hamilton, OH: Police chase, apprehend suspect in 3 area Kroger robberies



C-Store - Tucson, AZ - Armed Robbery
C-Store - Houston, TX - Robbery
C-Store - Glen Burnie, MD - Armed Robbery
C-Store - South Hills, WA - Armed Robbery
Cellphone - Las Vegas, NV - Armed Robbery
Clothing - Midland, TX - Robbery
Dollar - St Louis, MO - Armed Robbery
Grocery - King County, WA - Burglary
Grocery - Middletown, OH - Robbery
Hardware - Cheyenne, WY - Burglary
Jewelry - Union, NJ - Burglary
Jewelry - Maplewood, NJ - Burglary
Jewelry - Glen Burnie, MD - Armed Robbery
Jewelry - Atlanta, GA - Robbery
Jewelry - Orlando, FL - Robbery
Jewelry - Lake Grove, NY - Robbery
Jewelry - Mission Viejo, CA - Burglary
Liquor - Visalia, CA - Armed Robbery Clerk/ Susp both killed
Liquor - Shawnee, KS - Armed Robbery / clerk stabbed
Macy's - Manchester, CT - Burglary
Marijuana - Warren, MI - Armed Robbery / shots fired
Pawn - Manhattan, KS - Burglary
Pharmacy - Cumberland County, NJ - Armed Robbery
Restaurant- San Francisco, CA - Burglary    


Daily Totals:
• 16 robberies
• 8 burglaries
• 2 shootings
• 2 killed

Click to enlarge map



None to report.

Submit Your New Hires/Promotions or New Position






Featured Job Spotlights


An Industry Obligation - Staffing 'Best in Class' Teams

Every one has a role to play in building an industry.
Filled your job? Any good candidates left over?
Help your colleagues - your industry - Build 'Best in Class' teams.

Refer the Best & Build the Best
Quality - Diversity - Industry Obligation


Director of Retail Solutions - North America
Denver, CO - posted April 5
This role will be focused on selling our SaaS retail crime intelligence platform by developing new prospects, and progressing Enterprise level prospects through our sales process. You will report directly to the VP of Retail Solutions - North America, and work alongside our Marketing, Partnerships and Customer Success team to grow our customer base...

Asset Protection Manager
Remote - posted May 30
The Asset Protection Manager is responsible for supporting global field and corporate operations execution of asset protection processes. This role has analysis-based responsibilities as well as investigation and recovery of losses within an assigned Region...

Region Asset Protection Manager: Fresco y Mas Banner (Bilingual Required)
Miami, FL - posted May 17
Responsible for managing asset protection programs designed to minimize shrink, associate and customer liability accidents, bad check and cash loss, and safety incidents for stores within assigned region. This position will develop the framework for the groups' response to critical incidents, investigative needs, safety concerns and regulatory agency visits...

Store Loss Prevention Manager
Tacoma, WA - posted April 24
Store Loss Prevention Managers are responsible for leading Loss Prevention functions within a specific location and for partnering with Store Operations in an effort to prevent company loss. You will be responsible for driving company objectives in profit and loss control, sales performance, customer satisfaction, and shrink results...

Manager, Regional Loss Prevention
Minneapolis, MN - posted April 4
This position is responsible for managing all aspects of loss prevention for a geographic area to reduce and control shortage and other financial losses in 124+ company stores. The coverage areas average $850+ million in sales revenue...

Corporate Risk Manager
Charlotte or Raleigh, NC - posted February 14
Summary of Role and Responsibilities: Proactive approach to preventing losses/injuries whether they are to our employees, third parties or customers valuables. They include cash in transit, auto losses or injuries; Report all incidents, claims and losses which may expose the company to financial losses whether they are covered by insurance or not...

Featured Jobs

To apply to any of today's Featured Jobs, Click Here

View Featured Jobs   |   Post Your Job



How you leave an employer and how you start with a new employer are very critical segments of time because they can tend to label executives and those labels can last a very long time. Interesting how short the time periods are relative to an executive's actual career. But the exiting process and the on-boarding periods leave long-term impressions that follow executives. Regardless of why an executive leaves, the important thing is to leave professionally, quietly and making sure the employer has a detailed report on all of your projects and work. And most certainly respect their intellectual property which, in today's world, virtually every company has been a victim of intellectual property theft. According to most recent surveys, 33% of employees have stolen intellectual property and this is a major concern for every company and is the primary reason some employers require the departing executive to leave the day of their resignation.

Just a Thought,

We want to post your tips or advice... Click here


Not getting the Daily? Is it ending up in your spam folder?
Please make sure to add d-ddaily@downing-downing.com to your contact list, address book, trusted sender list, and/or company whitelist to ensure you receive our newsletter. 
Want to know how? Read Here

FEEDBACK    /    downing-downing.com    /    Advertise with The D&D Daily