Retail Shootings Becoming More Common
Shopping mall shootings leave retailers at risk
A fatal shooting at an Indiana shopping mall in the U.S. last week left four dead, including the shooter. The shooter was killed by another shopper, who also happened to be carrying a gun. Earlier this month a man opened fire at Copenhagen mall killing three people and critically wounding four others. A suspect, a Danish local, was arrested after the shooting.

Armed shoppers, carrying weapons, can easily enter public shopping spaces. There is no law in the U.S. which prevents them from owning guns.

"It is no secret that criminal activity at retailers as has jumped significantly over the last few years," Karl Langhorst, an adjunct professor at the University of Cincinnati's School of Criminal Justice and an expert on retail loss prevention and corporate security, told Footwear News. "And unfortunately, we're seeing a trend that those incidents are becoming more and more violent."

Walmart, the world's largest retailer, recorded 310 gun violence incidents between January 1st 2020 and May 14th. This averages to over 7 gun-related incidents per day. According to Forbes, the U.S. has averaged more than one mass shooting a day in 2021.

In a tweet last Monday, America's National Rifle Association (NRA) said: "The only way to stop a bad guy with a gun is a good guy with a gun." This mentality is unfathomable for most Europeans, where carrying arms in most countries is deemed illegal.

Retailers have a responsibility to provide safe working environments for their employees, says Business for Social Responsibility (BSR), yet it is something they cannot reasonably guarantee given the current state of gun violence in the U.S. BSR calls for raising awareness with employees and consumers on the impacts of gun violence and advocating for common sense legislation.

To some, common sense means banning firearm ownership altogether. fashionunited.in

Retail Crime & Violence Across the Pond
Usdaw calls for retail crime to be taken seriously
While there has been an 11% decrease over the last decade, today's increase is a worrying reversal of the recent downward trend.

Paddy Lillis, Usdaw general secretary said: "Shoplifting is not a victimless crime, theft from shops has long been a major flashpoint for violence and abuse against shopworkers. Having to deal with repeated and persistent shoplifters can cause issues beyond the theft itself like anxiety, fear and in some cases physical harm to retail workers.

"Today's reported 21% increase in shoplifting may well be a consequence of Covid restrictions being lifted in stores last year. Social distancing and limiting the number of customers in stores does make life more difficult for shoplifters, so the return to normal will have an impact. We want to see action to ensure this reversal of a downward trend does not continue.

"We are aware that the cost of living crisis may also lead to more shoplifting. However, the answer to the squeeze on household budgets is not to turn a blind eye to theft from shops, which in itself contributes to rising prices as retailers try to recover losses."

"The Government must provide the coordination needed to ensure that retail employers, police and the courts work together to make stores safe places for our members to work and for customers to shop." talkingretail.com

Active Threat Attacks by Lone Actors
A New Category of Risk to Anticipate for Effective Prevention
Active assailants have typically come in different categories: psychological disorder-driven active shooters, ideologically extremist-driven terrorists, vengeful employees (or ex-employees), and insiders who are known as troubled individuals to at least some of their intended targets. But a recent wave of violent attackers crosses these separate categories, vastly complicating traditional threat assessment practices.

In these active threats where several distinctive categories of threats converge, there is a direct relationship between the attacker and at least some of the intended targeted victims. Such attacks often fall into one of two categories: workplace violence type 3, when the attacker intentionally targets his or her coworkers (or ex-coworkers) at their places of employment, or workplace violence type 2, when a customer or patient targets a retail, entertainment, hotel, or other facility where some of the employees may recognize the attacker as a regular customer or patient.

Defining Active Threat Lone Actors

To be defined as active threat lone actors (ATLAs), these attackers either are psychologically disordered active shooters or ideologically extremist terrorists who have a direct relation to at least some of their intended targeted victims and their workplaces, whether as fellow (or former) employees or as customers or patients who are known to at least some of the staff, with their attacks considered workplace violence-related. Knowing at least some of their intended targeted victims also makes the violent assailants insiders.

Significance of ATLAs

What makes this new threat category especially significant is that it applies both to ideologically driven terrorists and psychologically disordered active assailants. The perpetrators primarily operate as lone actors (and, in a few cases, they might have a co-attacker), and they generally do not belong to an organized group, according to the Handbook of Terrorism Prevention and Preparedness. asisonline.org

Cook County Progressive DA Kim Foxx Struggles to Keep Up With Prosecutor Exits
The Cook County state's attorney's office has seen significant attrition and turnover in the COVID era, leaving courtrooms understaffed at the same time prosecutors dealt with a case backlog and a series of violent summers.

"We're so short of attorneys, there's twice as much work with no help," one longtime prosecutor not authorized to speak publicly told the Tribune. "And really, you're setting people up for failure. Anything can blow up in your face. The expectations are not manageable."

State's Attorney Kim Foxx told officials at a county board committee hearing last week that 235 people including attorneys had resigned from her office just since July of last year. The year before the pandemic began, that figure was 130. chicagotribune.com

ASIS Workplace Violence Prevention Training
Identify threats and prevent violence in your workplace with the comprehensive Violence Prevention and Intervention Program from the Center for Personal Protection and Safety (CPPS).
 
Buffalo mayor addresses mass shooting, plans for recovery

Doc Exposes Naked Truth Behind Victoria's Secret
Victoria's Secret boss was 'pimple on NY's backside' until Jeffrey Epstein: doc

A match made in heaven, or maybe hell: the sexual deviant & the lingerie demigod.

For decades, disgraced financier Jeffrey Epstein was one of the closest friends of Victoria's Secret billionaire Les Wexner, 84. In fact, the late con, who, in August 2019 at 66, committed suicide in the jail cell of a Manhattan federal detention center while awaiting trial in his sex-trafficking case, once joked that he and the retail baron "share a brain."

But in the forthcoming Hulu docuseries "Victoria's Secret: Angels and Demons," out Thursday, associates of the unlikely duo - Wexner, a self-made magnate from the Midwest, and Epstein, a college dropout who smooth-talked his way into roles in New York's financial district - say the two were bound by more than ambition. They each needed the other in order to survive.

"Wexner had the money that Epstein was seeking, and Wexner got from Epstein the glamour and smoothness that he was seeking," says Cindy Fedus-Fields, the former CEO of Victoria's Secret Direct.

"He wanted that New York cachet, and that was a way to buy into it," says Teri Agins, author of "The End of Fashion," in the series. "He invited Jackie Onassis to the christening of the store ... because he wanted that respect with New York society and high-fashion New York."

In Epstein, Wexner found the suave, business-savvy and streetwise ally he'd been longing for. And for his urbanity, the mogul gave him carte blanche access to his businesses and billions.

But Wexner and Epstein's seemingly impenetrable bond began to weaken in 2006, when the swindler was caught sexually abusing underage girls in his Palm Beach, Florida, estate. Epstein was arrested on solicitation of prostitution charges.

It would be another 13 years before the registered offender was returned to police custody for his sex crimes. By the time of Epstein's 2019 arrest, Wexner finally began publicly distancing himself from the master manipulator, claiming he, too, was a victim of his schemes.  nypost.com

Family Dollar Fined $330K Over Shoplifting-Related Death
OSHA presents more than $330K fine after worker's death at Orlando Family Dollar
An investigation into a shoplifting-related worker death at a Family Dollar store in Orlando led the Occupational Safety and Health Administration to present more than $300,000 in fines for violations, according to the agency.

Last December, a worker at the Family Dollar store on 918 W. Colonial Drive tried to stop an attempted shoplifter from walking out of the store with stolen goods, OSHA said.

OSHA said that there was a struggle to keep the shoplifter from running out, after which the worker felt short of breath and began vomiting. The agency added the employee was taken to the hospital and later died from cardiac arrest.

According to the agency's inspection report, it found several store violations, including exit route obstructions and failing to notify OSHA of a worker's death/injury within an allotted period of time. Multiple violations were listed as repeat offenses, according to OSHA.

In total, OSHA said it is proposing $330,446 in fines related to the investigation into Family Dollar Stores, Inc. clickorlando.com

Protecting Employees from Customer Harassment
Gas station settles claim it failed to protect worker from customer harassment
An Illinois gas station and convenience store operator has agreed to pay $75,000 to settle claims it failed to protect an employee from customer harassment, the U.S. Equal Employment Opportunity Commission said July 13.

The Kelley Williamson Company employee was subjected to months of sexual advances and crude jokes by a customer, the agency said. She and others reported the customer's conduct, but the employer failed to act promptly to stop the harassment, EEOC alleged in an earlier lawsuit.

"Employers must take reports of sexual harassment seriously and act promptly to stop harassment when it occurs," said EEOC Chicago District Director Julie Bowman in a statement announcing the settlement.

Federal law protects employees from sexual harassment at work, meaning employers are required to take steps to stop any such harassment and prevent it from recurring, according to EEOC, the agency tasked with enforcing those provisions.

The law - Title VII of the Civil Rights Act of 1964 - doesn't prohibit simple teasing or isolated incidents, according to the agency's website, but rather harassment that "is so frequent or severe that it creates a hostile or offensive work environment or when it results in an adverse employment decision (such as the victim being fired or demoted)." hrdive.com

Back-to-School Shopping Key for Retailers
Retailers Need to Ace their Back-to-School Season

Back to school is typically the second-largest selling season for retailers. They need it now more than ever.

After a brutal reckoning in their first quarter, retailers could really use a good back-to-school shopping season.

Retailers have a high bar to clear. Last year, retail sales in the back-to-school shopping months-June to August-rose 14.4% compared with a year earlier, according to the Census Bureau. So far this year sales still appear to be increasing, though at a slower pace: Retail sales in June grew 7.7% compared with a year earlier.

The good news is that for most parents, back-to-school spending counts as a necessity, not discretionary spending. Less than a quarter of respondents surveyed by the National Retail Federation said they are making do with last year's school items, roughly in line with previous years.

Nevertheless, it is likely to be a competitive selling season for retailers, who will be grasping for a piece of a slow-growing pie. Retailers are already promoting heavily to get rid of excess inventory from a quarter ago. Kohl's, Target and Dick's Sporting Goods all saw their merchandise levels swell by more than 40% last quarter compared with a year earlier. wsj.com

Pharmacy Workers Vote to OK Strikes at Ralphs, Vons, Albertsons & Pavilions
Seven United Food and Commercial Workers (UFCW) union locals, which together represent more than 600 pharmacists and pharmacy workers at Ralphs, Vons, Albertsons and Pavilions stores across Southern California, have revealed that members voted overwhelmingly to authorize union leadership to call for strikes on the basis of unfair labor practices.

The locals filed unfair labor practice charges against Ralphs, Vons, Albertsons and Pavilions with the National Labor Relations Board, alleging violations of federal labor law and intimidation of workers engaged in union activity, among other charges.

UFCW locals 8GS, 135, 324, 770, 1167, 1428 and 1442 make up the largest union grocery contract in the nation, including 600-plus pharmacists and pharmacy workers who serve communities at Ralphs, Albertsons, Vons and Pavilions pharmacies spanning from Central California to the Mexican border.

No dates have been set yet for a strike. progressivegrocer.com

Sam's Club Participates in Youth Hiring Program to Prevent Cycle of Incarceration
Sam's joins Walmart in disrupting prison pipeline by providing opportunities for at-risk youth

Amazon Fresh Opens 2 New Stores - Now at 39

Woman sues PetSmart, groomers in connection with toy poodle's death

Walmart says high cost of food & gas hurting customers & its bottom line

Uber's Data Breach & Security Cover-Up Scandal
Uber admits massive 2016 data breach coverup, cooperates with feds
Ride-share juggernaut Uber has entered a nonprosecution agreement with federal prosecutors to resolve a criminal investigation into the coverup of a significant data breach suffered by the company in 2016, federal authorities from the Department of Justice announced Friday.

As part of the agreement, Uber will cooperate with investigators into the company's former chief security officer.

According to United States Attorney Stephanie M. Hinds and FBI Special Agent in Charge Sean Ragan, Uber admitted to and accepted responsibility for the acts of its officers, directors, employees and agents in concealing its 2106 data breach from the Federal Trade Commission, which at the time had a pending investigation into the company's data security practices.

Prosecutors say that Uber admitted that its personnel failed to report the November 2016 data breach to the FTC, despite a pending investigation into data security at the company. Hackers responsible for the 2016 breach used stolen credentials to access a private source code repository and obtain a private access key.

The hackers then used that key to access and copy large quantities of data associated with Uber's users and drivers, including approximately 57 million user records and 600,000 drivers' license numbers. Uber did not report the breach until approximately one year later, the DOJ said, when new executive leadership had taken over. This new leadership disclosed the breach to affected drivers, the public, law enforcement and to foreign and domestic regulators, including state attorneys general and the FTC.

The resolution of the criminal probe by a nonprosecution agreement was helped by the fact that the new leadership came clean about the breach, the DOJ said, and also that the company then invested "substantial" resources to significantly restructure and enhance the company's compliance, legal, and security functions. mercurynews.com

Here's the Daily's previous coverage on the Uber case:

May 19, 2022: Uber CISO's trial underscores the importance of truth, transparency, and trust

April 28, 2022: Former Uber Chief Security Officer To Face Wire Fraud Charges

December 22, 2021: Former Uber Chief Security Officer To Face Wire Fraud Charges

August 24, 2020: Watch: Former Uber CSO Charged With Covering Up 2016 Data Breach

August 21, 2020: Former Chief Security Officer For Uber Charged With Obstruction Of Justice

September 27, 2018: Uber Fined $148 Million for Breach Cover-Up

February 7, 2018: Uber Paid Hackers $100K to Destroy Stolen Data on 57M people, Keep Quiet

December 1, 2017: Three Uber security managers resign after CEO criticizes practices

Shifting from a Reactive to Proactive Cybersecurity Approach
Proactive auditing - a key component to an offensive cybersecurity approach
As the number of cyberattacks rise, organizations must reconsider their approach to cybersecurity to be more proactive rather than reactive. This involves accurately assessing potential threats, which is why the adoption of proactive auditing, among a wider offensive cybersecurity approach, is so essential. In turn, cybersecurity policy must also be analyzed, adjusted and utilized properly to better position organizations to encourage and implement successful proactive auditing practices.

Understanding an offensive cyber approach

While many organizations take a defensive approach to cybersecurity, an offensive mindset is also key to ensuring the best possible protection against a potential attack. For success, threat intelligence plays a large role. In order to implement an offensive mindset for cyber defense, also known as active defense, an organization needs to fully understand existing network vulnerabilities. This will include proactive auditing - examining in real-time how the enterprise is operating and evaluating systems and laws, as well as any vulnerabilities.

Necessary proactive auditing strategies

In order for proactive auditing to be effective, companies can look at integrating zero trust and micro-segmentation strategies. Micro-segmentation helps isolate data to better tighten security controls across transactions, while enforcing a zero trust policy requires that every transaction across a segment is authenticated, enhancing cybersecurity architecture and informing the proactive auditing process. Since zero trust is a layer approach that assumes breach, threats can be more quickly identified and addressed.

Establishing cybersecurity policy to encourage proactive auditing

As proactive auditing measures are cost-effective and execute an enormous amount of vulnerability research, organizations should push to incorporate them as part of their overall cybersecurity strategy. This also highlights the need on a national level to create organizational policies that encourage such activity and will help show why proactive auditing is so important to an organization's overall security infrastructure.
securitymagazine.com

Improper Use of Commercial Surveillance Tech
Congress goes after spyware purveyors. Will it make a difference?
Congress is waking up to the growing threat of foreign spyware on the heels of several high-profile episodes involving the improper use of the commercial surveillance technology against diplomats and government officials abroad.

The House of Representatives is set to vote on sweeping policy legislation to crack down on and even ban firms that sell the technology from working with the government. But experts say the lucrative market for surveillance technology increasingly used around the world to track dissidents, journalists, activists and others will be difficult to curtail.

Still, spyware researchers and congressional staffers say the fact that Congress is beginning to act, on top of other moves from the Biden administration against makers of the technology, will send a message to the marketplace about doing business with spyware makers.

"Many companies like [Israeli spyware maker NSO Group] see entering the US market as the ultimate prize and what we've seen so far is that the US government does have the ability to chill investment interest in bad actors, and that's really important," said John Scott Railton of the University of Toronto's Citizen Lab, which has conducted extensive research on spyware.

The Intelligence Authorization Act, which passed the House Intelligence Committee last week with bipartisan support, includes several spyware provisions. In addition to authorizing the Office of the Director of National Intelligence to ban contracts with foreign firms making surveillance tech and allowing the president to impose sanctions on firms targeting the intelligence community (IC) with spyware, the bill also augments funding for investigations into the use of foreign commercial surveillance software.

The U.S. government has been increasingly focused on the threats of the spyware at home. The National Counterintelligence and Security Center issued a warning in January, cautioning the public about the risks of commercial surveillance tools that have been used to spy on journalists and political dissidents. Last November the Biden administration blacklisted the NSO Group, accusing it of selling spyware it knew would be used to "maliciously target" phones belonging to reporters, dissidents and others whom the powerful might seek to silence.  cyberscoop.com

CEO of Titanium Blockchain Pleads Guilty in $21 Million Cryptocurrency Fraud Scheme
The CEO of Titanium Blockchain Infrastructure Services Inc. (TBIS) pleaded guilty Friday for his role in a cryptocurrency fraud scheme involving TBIS's initial coin offering (ICO) that raised approximately $21 million from investors in the United States and overseas.

VIDEO: Building trust into every aspect of an organization
In this Help Net Security video, Matthew Chiodi, Chief Trust Officer at Cerby, talks about building trust not just when it comes to applications and data, but also with employees and customers.

5 Steps to Building a Cyber-Aware Organization

Amazon Stuck with 'Too Much Space'
A 700,000 square-foot Amazon warehouse in Nebraska was supposed to create 1,000 jobs, but is sitting empty as the company delays opening new facilities

Amazon CFO Brian Oslavsky told reporters in April that the company is stuck with "too much space."

Less than two years ago, Greater Omaha's Chamber of Commerce touted plans for a 700,000-square-foot Amazon warehouse facility in the Omaha suburb of Papillion. The company expected the project to employ 1,000 people and add more than $200 million to the local economy, according to Omaha Chamber economists.

According to the Nebraska Examiner, despite construction being nearly complete, the facility won't open until 2024 as a dip in e-commerce has Amazon rethinking its massive warehouse portfolio.

The project joins a growing list of warehouse delays for Amazon. Brian Olsavsky, the CFO of Amazon, told reporters in April that the company is now stuck with "too much space" after adding to its real-estate empire between 2020 and 2022 to keep up with the pandemic-fueled surge in e-commerce demand.

Amazon is reportedly planning to sublet up to 30 million square feet of warehouse space or renegotiate leases, likely affecting warehouses in New York, New Jersey, Southern California, and Atlanta. businessinsider.com

Amazon's Drone Delivery Flights Could Be Crashing to Earth
After nearly a decade of promises, it appeared Amazon drone delivery was finally taking off with the rollout of commercial flights in California and Texas later this year. But the program could be coming crashing down to Earth.

Recent test crashes have caused yet another regulatory setback for the planned service.

According to sources, the crashes alarmed the Federal Aviation Administration enough that it withheld permission for Amazon to begin test flights that must be completed in order to get the program off the ground. The FAA declined to comment.

Amazon must complete 7,000 test flights as part of a federal regulatory requirement for durability and reliability. According to an internal document, it had hoped to complete nearly all of them by the end of July.

In the past year alone, eight Amazon drones have ​​crashed during testing, including one that ignited a 25-acre brush fire in Oregon. Five of them took place over a four-month span. Reports also revealed the company tried to avoid investigations into the crashes by ducking FAA correspondences and even moving evidence at crash sites. freightwaves.com

1,000 Layoffs as E-Commerce Slows
Shopify to Lay Off 10% of Workers in Broad Shake-Up
Shopify Inc. is cutting roughly 1,000 workers, or 10% of its global workforce, rolling back a bet on e-commerce growth the technology company made during the pandemic, according to an internal memo.

Tobi Lütke, the company's founder and chief executive, told staff in a memo sent Tuesday that the layoffs are necessary as consumers resume old shopping habits and pull back on the online orders that fueled the company's recent growth. Shopify, which helps businesses set up e-commerce websites, has warned that it expects revenue growth to slow this year. wsj.com

Target chases bigger e-commerce profits with new delivery hubs, fleet of drivers

Spokane, WA: Spokane man faces 47 criminal charges in identity theft scheme
A Spokane man faces 47 criminal charges including identity theft, forgery, theft and criminal impersonation. Spokane Police arrested Azariah Hulsey on July 14 stemming from an extensive scheme of identity theft and the use of fraudulent checks. Police say Hulsey purchased over $30,000 in items from retail stores using stolen or forged checks. They say he would use fraudulent IDs and other pieces of a victim's identity to verify the checks' authenticity. The Stolen Property Enforcement and Recovery unit began investigating once they noticed a similar pattern of crimes. Surveillance footage from a victim's store showed Hulsey and an officer recognized him from previous investigations. Police say Hulsey's streak lasted nine weeks. In that time, he used 25 forged checks in the names of four victims at 18 different businesses.  kxly.com

Olympia, WA: Retailers reach out to Olympia Police Department for help cracking down on theft
Thieves trying to rip off The Home Depot store in East Olympia have had a surprise this spring and summer: police waiting for them in the parking lot. On several occasions since May, Olympia police officers have worked with plain-clothes store employees to identify and arrest potential thieves. Within one hour in June, three people were either cited for theft or trespassing, accused of planning to steal items.

Officers said one woman removed the anti-theft device off a saw she took out of the store. "She said she was intending to steal those items to pay for her daughter's graduation trip," said Officer Jacob Theis. Theis said he was surprised how many people were either cited or arrested. Organized retail theft is a growing problem in Washington. The Home Depot went to Olympia police asking for help combatting organized retail theft, which is blamed for $2.7 billion in losses statewide in 2021. Olympia police have also helped Rite-Aid with anti-theft operations. "Shopping spree without the payments," said Sgt. Paul Frailey, who heads up the department's community policing program. He said the city is happy to help businesses go after thieves. king5.com

Eugene, OR: Man arrested for multiple thefts after SWAT stand off
On July 25, at around 7:25 a.m., Eugene Police received a call for service from Home Depot on Seneca Road. A person, later identified as Michael Joseph Reason, age 46, was reported to have arrived in a Penske truck and was seen stealing merchandise from outside the store. The truck was reported full of property and it had also been reported at Lowes. Reason was tracked to a home in the 1600 block of Kelly in Springfield. Reason refused to come out of his home and had warrants. He also had security cameras outside the location and was potentially armed. EPD Crisis Negotiation team, Drone Team, and SWAT resources were deployed. At 11:21, Reason was taken into custody. He was taken to Lane County Jail on charges including six counts of Theft in the First Degree and one count of Interfering with a Police Officer. Eugene Police Investigations Unit is continuing to investigate and applied for a search warrant at multiple locations. eugenedailynews.com

San Antonio, TX: Longtime San Antonio Card Shop Hit By Burglars
San Antonio police are investigating a burglary that resulted in the theft of thousands of dollars worth of merchandise from a longtime hobby shop. It happened just after 4 AM Monday at Sports Cards Plus on the city's northwest side. Owner Charlie DiPietro says four people can be seen breaking into the shop through the front door and then filling trash bags with unopened boxes of sports cards. The suspects were only inside for a few minutes and left in a hurry, because one partially filled bag was dropped inside the store. They left in a U-haul truck, indicating the thieves may have had plans to steal a lot more.  sportscollectorsdaily.com

Norwalk, CT: Police Seek ID Of Man Accused Of Trying To Steal High-end Handbags
Police are asking for the public's help identifying a man accused of trying to steal "high-end bags" from a store in Norwalk. In a Facebook post, police said the man attempted to steal the bags on July 8 from a T.J. Maxx store on Connecticut Avenue but was confronted by loss prevention employees. The suspect was able to avoid getting caught and fled the area, police said. facebook.com

Baltimore, MD: Woman pepper sprayed security guard after attempted theft at Nordstrom Rack
A shopper didn't want a shopping bag, just the designer goods. Police said a woman attempted to rob a Baltimore Nordstrom Rack of $3,000 of merchandise and then pepper sprayed a security guard on her way out. Officers released a surveillance photo of the woman who attempted to steal a handbag and various designer brand sunglasses from the store on Boston Street, in Baltimore's Canton community. wmar2news.com

Columbus, OH: Two Women accused of stealing $2,400 in fragrances from Ulta Beauty store

Seattle, WA: Game store targeted again; thief steals nearly 2K in merchandise