Michigan ORC FORCE Team Joins Forces with FBI
FBI to Partner with AG Nessel’s FORCE Team to Combat Organized Retail Fraud
Today, Michigan Attorney General Dana Nessel announced the Federal Bureau of Investigation (FBI) has entered into formal partnership with the Attorney General’s FORCE Team, a partnership between Michigan State Police (MSP) and the Organized Retail Crime Unit at the Department of Attorney General, established to combat coordinated theft and resale operations targeting Michigan retailers. The FORCE Team operates within the Michigan State Police Department.

The state’s FORCE Team will work collaboratively with the FBI’s Detroit Fraud and Financial Crimes Task Force (DFFACT) in an effort to squash organized retail crime that crosses state or international borders. One special agent from the DFFACT will be assigned to the FORCE Team, joining a team already comprised of two assistant attorneys general, Michigan State Police detectives, and special agents from the Department of Attorney General’s Criminal Investigations Division.

“I’m very grateful for our new partnership with the FBI and look forward to the continued success of the FORCE Team,” said Nessel. “The addition of the federal authorities to the investigations already underway by our first-in-the-nation team including my department and the Michigan State Police is significant. Our FORCE Team has been pursuing wide-reaching investigations that have already produced multiple charges in just its first months of operation, and this partnership will considerably strengthen the team.”

The FORCE Team and the Organized Retail Crime Unit were established in January by the Attorney General to target criminal organizations that steal products from retailers to repackage and sell for a profit. Two assistant attorneys general serve the unit full time, working with special agents within the Department of Attorney General and Michigan State Police detectives to investigate and prosecute these crimes. This is a first-in-the-nation unit, unique in the 50 states as being the first such unit with embedded, dedicated staff from the Department of Attorney General.

The FORCE Team is dedicated to working collaboratively with retailers and local law enforcement agencies to combat organized retail crime. Recent corporate partners on investigations have included Sam’s Club/Walmart, Meijer, Target, Home Depot, TJ Maxx, Rite-Aid, Lululemon, Ulta, and Lowe’s. The team’s first major investigation produced charges against seven individuals earlier this year. Local law enforcement agencies or retailers with evidence of organized retail fraud are encouraged to email the FORCE Team. michigan.gov


Theft Crisis Pushing Stores to Decide if Keeping Stores Open is Worth the Risk
Retail Theft is Pushing Stores to Weigh the Risk of Keeping a Physical Presence
In today’s retail landscape, the role of brick-and-mortar stores has been under scrutiny, especially with the rise of online shopping and retail theft. The iconic San Francisco Centre Nordstrom store, a downtown staple for over three decades, has permanently shut its doors, reflecting the city’s changing dynamics and rising crime rates. Retail theft has even gone so far in some places, such as local Target stores in Santa Monica, that less valuable goods are now protected by locked cabinets.

With the prevalence of online shopping and retail theft forcing some stores to close or drastically change their security measures, the purpose and function of physical stores is now shifting. Despite what some may think, the experience of visiting a store, interacting with products, and soaking in the ambiance is irreplaceable. But retailers must adapt, ensuring that their locations serve their clientele and that security measures don’t detract from the shopping experience.

How can retailers fulfill the cravings that consumers still have for the physical shopping experience, and when should some retailers draw the line if the risks of staying open due to retail theft are too high? As we approach these topics, we turn to Katrijn Gielens, Professor of Marketing at the University of North Carolina, for her expert insights.

Katrijn’s Thoughts:

When we go back to the likes of the Nordstroms, to them I think the shrinkage story is somewhat the last drop. This is where they say it’s no longer sort of like defending or sort of like justifying why we have a store in, let’s say, downtown San Francisco. Shoppers and consumers have so many different alternatives.

If those other people are no longer visiting that location, which may also be in part because of some of the crime issues, then what are you still doing there? Your store needs to sort of fulfill certain roles. What are the typical things that you can do? You can work on security. But what if security become such an issue that it sort of takes away from the experience?

When you start to sort of try and fight sort of the shrinkage increasing all kinds of security measures and locking everything up, not being able to touch and feel products, the role of the store is completely annihilated. There is no longer a reason to go to the store. So, whatever you try to do to fight sort of the crime issues or the shrinkage is running counter to creating a store experience.  marketscale.com


USA's #1 Top ORC Hot Spot City for 18 Months Consecutively

Memphis & Shelby County Officials Recognize They Have a Serious Crime Problem
‘We have a crime crisis right now:’ DA’s office hosts public-safety summit
The Shelby County District Attorney General’s Office hosted a public-safety summit, which was not open to the general public, with elected officials and community stakeholders at which they agreed on initiatives to combat crime in Memphis.

Shelby County District Attorney General Steve Mulroy said officials came to a consensus on public safety priorities during the meeting.

“I think the consistent message from all of us and several others … is that we all recognize that we have a serious crime problem,” Mulroy said. “We have a crime crisis right now, and it requires an all-hands-on-deck approach to tackle the problem.”

Mulroy said there are some issues dealing with violent crime officials will work independently on, but there are other initiatives, which are evidence-based, they can work on collaboratively.

Taylor said there was also a lot of discussion about how to help law enforcement use the tools they have while also keeping the criminal justice system fair and just, “not only about how do we treat defendants, but there was also a healthy discussion about the victims.” dailymemphian.com


The Army We're All Fighting & Who's Facilitating Massive ORC Nationwide

LA Times Sept. 21, 2023

How many people work for the Mexican drug cartels? Researchers have an answer
Now researchers have come up with an estimate: 175,000. That figure, which would make the cartels the country’s fifth-largest employer, has steadily risen during the last decade, according to their study, which was published Thursday in the journal Science and relied on a variety of data to build a mathematical model of the workforce.

Though cartels have been chronicled in television series, books and high-profile criminal cases, much about them remains unknown. Estimates of annual profits start at $6 billion and spiral upward.

And cartels long ago branched beyond drug trafficking into other lucrative rackets, including extortion, kidnapping, fuel theft and migrant smuggling. That implies a vast economy — and a huge labor force.

The head of the U.S. Drug Enforcement Administration, Anne Milgram, told Congress in July that Mexico’s two most powerful criminal organizations — the Sinaloa cartel and the Jalisco New Generation cartel — had almost 45,000 members, associates, facilitators and brokers in more than 100 countries.

For the Science paper, researchers crunched statistics on incarceration and casualties during the past decade to arrive at their estimate. They found that Mexican cartels must recruit between 350 and 370 people each week to replenish the ranks diminished by losses from arrests and murder.

Being a cartel worker is “like playing Russian roulette,” Prieto-Curiel said. Continue Reading


Spike in 'Strategic Cargo Theft'
Kentucky Cargo Theft Spike Echoes National Issues

Strategic Thefts Direct Cargo Away From Intended Recipient

Kentucky law enforcement is warning of a spike in strategic cargo thefts in a trend that reflects a growing national problem.

The Kentucky State Police have opened 12 active cases into strategic cargo theft activities since Aug. 1. That compared to a total of five between the first case in 2014 up through 2022. Its vehicle investigation branch has identified at least two crews that are primarily responsible for the recent rise. They’ve been double brokering loads through legitimate carriers.

Verisk Analytics’ CargoNet found in its second-quarter report that strategic tactics drove a 57% year-over-year increase in supply chain risk events across North America.

“They’re derivatives of two different crime rings” said Keith Lewis, vice president of operations at CargoNet. “Deception is used to steal the loads,” he added, noting, “Some of the commodities that come out of Kentucky are very valuable.”  ttnews.com

 

---

How Mature is Your ESRM Program?
The enterprise security risk management (ESRM) philosophy can apply to any organization—large or small, public or private. But it can be challenging to map out a path from the initial introduction to mature implementation. Thankfully, members of the ASIS ESRM steering committee spent two years building an ESRM maturity model to measure current efforts and enable security practitioners to guide their organizations to the next level of risk management.

The maturity model self-assessment, which is available for free, walks users through the continuum of how an organization can meet its ESRM-related goals and procedures, says Jacob Maenner, CPP, PSP, ESRM steering committee member and chair of the maturity model committee.

The five elements within the ESRM maturity model are culture, context, stakeholders, risk management, and ESRM governance. There are five levels of implementation: initial, repeatable, defined, managed, and optimized. asisonline.org

Editor's Note: There's only been a very few LP/AP executives in retail that formerly assumed the enterprise risk management role and developed their programs accordingly.

A few years ago ASIS formerly restructured their entire focus on enterprise risk and evolved globally.

Certainly, 'Total Retail Loss', developed in 2016 by Professor Adrian Beck with the ECR Retail Loss Group in the UK, and in 2019 revised to Total Retail Loss 2.0: From Theory to Practice” which built on the ground-breaking research commissioned by the RILA Asset Protection Leaders Council in partnership with Professor Adrian Beck from the University of Leicester in the UK, which has become the academic model for retail loss prevention executives.

While ESRM doesn't go as deep into retail loss, it does broaden one's vision and responsibilities across an enterprise. And some would say is similar if not the exactly the same as a Chief Security Officer, CSO. - Gus Downing

Former Global CIO & Three IT Exec's charged with $3M Fraud at Mohawk Industries

Mohawk is the world’s largest flooring company with $11.7B in 2022 Worldwide Sales and 25,000+ Retail & Commercial Customers

In 2019, Mohawk launched a large, multi-year IT project and outsourced work for the IT project to IT consulting firms.  The indictment alleges that the defendants secretly organized and controlled a Georgia company, Meta Technology Platforms, LLC (“Meta Tech”), and used their positions at Mohawk to retain Meta Tech as a Mohawk vendor and divert Mohawk’s outsourced IT consulting work to Meta Tech. 

Between approximately May and October of 2022, Meta Tech submitted invoices to Mohawk totaling approximately $3,034,411.  The invoices that Meta Tech submitted to Mohawk did not disclose the defendants’ relationship to Meta Tech.  The invoices also allegedly charged Mohawk for services that had not been performed, for software that had not been provided, and at inflated hourly rates that Kanyadan approved on Mohawk’s behalf.  Mohawk paid Meta Tech approximately $1,857,741.40 based on these fraudulent invoices.      justice.gov

Editors Note:  Seems like CIO fraud has become quite prevalent.  If not over taking the finance driven fraud with fake invoicing.  In my opinion it's simply a matter of three factors.  1. Opportunity; Virtually no one in most organizations have the subject matter expertise to truly be able to monitor and critically analyze what they're doing (It's almost like the old commercial "Let Mikey Do It"). 2: It's the #1 critical need and usually the #1 capital expense of every organization.  Or lag behind in this digital transformation era and let your competition eat you for lunch.  Finally #3; To anyone outside of the IT world it's a "money pit" without a bottom.  And that's scary.  Just my observations  Gus Downing

 

Great News for the Vendors
Now how about the Vendors to the Vendors

Enterprise Retail Warms to Real-Time Payments for Vendors
The retail sector increasingly prefers real-time payments for their business-to-business (B2B) payments. Virtually all large firms in this sector used real-time payments at least once in the last year.

Real-time payments have a robust growth outlook. Real-time payments already account for 17% of all B2B payments retailers made last year. Fifty-four percent of retail firms expect to use real-time payments more heavily in the next year.

These are just some of the findings detailed in “Corporate Changes in Payment Practices: A Deep Dive Into the Retail Industry,” a PYMNTS Intelligence and The Clearing House collaboration. This report examines the B2B payments landscape in the retail sector and how the role of real-time payments is evolving. The report draws on insights from a survey of 125 retail executives conducted from June 1 to June 26.

The retail sector is undergoing a sea change in B2B payments. Companies must keep pace with these changes to remain competitive. Download the report to learn how real-time payments are revolutionizing retail B2B relationships. pymnts.com


LPF Announces LPC & LPQ Professionals for June, July & August
The Loss Prevention Foundation would like to recognize and congratulate the following individuals who successfully completed all of the requirements set forth by the board of directors to be LPQualified (LPQ) and/or LPCertified (LPC). View Full List Here

 
Mastercard forecasts holiday sales gain of 3.7%, led by electronics

The 25 most innovative U.S. companies according to consumers

Virtual Event: 20 Years of Cybersecurity Awareness Month

Cybersecurity Awareness Month Kicks Off in October

Wednesday, October 4 at 2:00 p.m. ET

This October marks the 20th Cybersecurity Awareness Month, and it presents the perfect moment to reflect on how far we’ve come and how much more we want to accomplish! October is dedicated to ensuring everyone has the resources to stay safe and secure online.

Still, there is more to do. The public and private sectors continue to come together to secure technology, protect critical infrastructure and bridge the cybersecurity careers gap. In honor of 20 years of Cybersecurity Awareness Month, elected officials, government leaders and industry executives will join to examine how far we’ve come and look at where we need to go.

Featured Speakers:

• Congressman Andrew R. Garbarino (R-NY-02)
• Congressman Eric Swalwell (D-CA-15)
• Tatyana Bolton, Security Policy Manager, Security Center of Excellence, Google
• Joanna Huisman, Senior Vice President of Strategic Insights and Research, KnowBe4
• Megha Malhotra, Senior Technical Program Manager, Amazon
• Bobbie Stempfley, VP, Product Groups, Business Unit Security Officer, Security & Resiliency Organization, Dell Technologies
• Rusty Waldron, Vice President, Chief Business Security Officer, ADP
• Lisa Plaggemier, Executive Director, National Cybersecurity Alliance
• More Speakers TBA

Click here to register
 

Consumer Data Exposed by T-Mobile?
T-Mobile Racks Up Third Consumer Data Exposure of 2023

The mobile company states that the issue was due to a glitch that occurred in an update.

Multiple T-Mobile USA customers have gone to social media to report seeing the sensitive information of other customers when logging in to view their personal account.

The leaked data includes credit card balances, purchase history, credit card information, device IDs, and home addresses. The issue was initially severe enough that the T-Mobile subreddit requested users to stop sharing information via social media.

"ATTENTION: We are aware of the security issue going on. For security reasons, we are not allowing posts on the topic," the post read. "Please do not post any information about the ongoing issue. We're waiting to hear from T-Mobile and do not want to exacerbate the issue."

As of Sept. 20, T-Mobile said that the issue has been resolved and was due to a "technology update" glitch.

"There was no cyberattack or breach at T-Mobile. This was a temporary system glitch related to a planned overnight technology update involving limited account information for fewer than 100 customers, which was quickly resolved," said Tara Darrow, T-Mobile spokesperson, in a statement.

While this may come as a relief for some, to others it may only further raise concerns about whether T-Mobile has questionable cybersecurity safeguards, due to the company facing multiple breaches this year alone. darkreading.com


'No Indication that TransUnion Systems Were Breached'
TransUnion denies it was hacked, links leaked data to 3rd party
Credit reporting firm TransUnion has denied claims of a security breach after a threat actor known as USDoD leaked data allegedly stolen from the company's network. The Chicago-based company's over 10,000 employees provide their services to millions of consumers and more than 65,000 businesses from 30 countries.

"Immediately upon discovering these assertions, we partnered with outside cybersecurity and forensic experts to launch a thorough investigation," the company said. "At this time, we and our internal and external experts have found no indication that TransUnion systems have been breached or that data has been exfiltrated from our environment."

The investigation into the claims found that the information leaked by USDoD was likely obtained from another organization's systems, given that the data and its formatting are different than TransUnion's.

"Through our investigation, we have found that multiple aspects of the messages – including the data, formatting, and fields – do not match the data content or formats at TransUnion, indicating that any such data came from a third party," TransUnion said. bleepingcomputer.com


MGM Restores Casino Operations 10 Days After Cyberattack

Never use your master password as a password on other accounts