HSI's ORC Crackdown Continues
2 brothers sentenced for roles in large-scale organized retail theft ring following HSI Houston, federal partner investigation
HOUSTON — Two brothers have been sentenced for their roles in a large-scale organized retail crime scheme following an investigation by Homeland Security Investigations (HSI) Houston and the Food and Drug Administration (FDA) Office of Criminal Investigations (OCI).

Yasser Saleh Ouwad, a 52-year-old resident of Houston, was sentenced Nov. 15 in the U.S. District Court for the Southern District of Texas to 41 months in federal prison to be immediately followed by three years of supervised release for conspiracy to transport stolen merchandise. Additionally, Ouwad was ordered to forfeit more than $260,000 from bank accounts representing the illicit proceeds from stolen merchandise and must pay $109,742 in restitution to CVS Health and Walgreens and a money judgment of $4,665,860.

Ouwad’s brother, Bilal Saleh Awad, a 50-year-old resident of Houston, was previously sentenced on Sept. 5 in the U.S. District Court for the Southern District of Texas to 41 months in prison followed by three years of supervised release for conspiracy to transport stolen merchandise. Additionally, Awad was ordered to forfeit more than $460,000 and approximately $6,000 in stolen merchandise and must pay $322,550 in restitution to CVS Health and Walgreens and a money judgment of $4,426,942.

Ouwad and Awad pleaded guilty to the charges on Oct. 12, 2021, and Oct. 30, 2019, respectively. Several other co-defendants involved in the organized retail crime scheme have also previously pleaded guilty and received sentences ranging from 18-40 months.

From June 2015 to March 2018, Ouwad and Awad engaged in a high-level fencing operation involving multi-state, multi-million-dollar criminal organizations. The brothers purchased stolen over-the-counter medicines, diabetic test strips and health and beauty supplies for re-packaging and shipping. ice.gov

   Learn more here about the HSI's new ORCA alliance in yesterday's edition of the D&D Daily


Arizona Expands ORC Task Force With New 'Safe Shopping' Campaign
Maricopa County Attorney announces 'Safe Shopping' campaign

The campaign targets organized retail crime in the county.

Maricopa County Attorney Rachel Mitchell announced the new "Safe Shopping" campaign, an effort to address organized retail crime, on Nov. 15 at a press conference.

Shoppers may have already noticed the impact of organized retail crime on their holiday purchases – many more items are behind locked displays, from skincare products to cold and flu medicine.

Arizona Retailers Association Executive Director Michelle Ahlmer said thieves are taking just about anything and everything, which is wiping out stock in stores and driving prices up for customers.

“This is a mobile group. It’s a traveling group and they are doing damage wherever they go," Ahlmer said. “The popular things seem to be the ones that attract everyone’s attention, the good and the bad.”

Arizona stores lost a collective $1.4 billion in organized retail crime, according to the Arizona Retailers Association.

The campaign launched Wednesday is an extension of the Organized Retail Crime Taskforce at MCAO and will “expand the partnership” by asking community members to report incidences of crime.

“Here’s what I say to the thieves who commit these crimes: we will find you, you will be arrested, and we will prosecute you to the fullest extent of the law,” Mitchell said.

As the law stands now, Mitchell said offenders are prosecuted for an initial offense. Subsequent offenses are then grouped together. Michell said she is asking state lawmakers to make an exception for organized retail criminals. Ahlmer said this type of action benefits both stores and shoppers.  12news.com  maricopacountyattorney.org

   RELATED: Maricopa County Attorney launches new campaign to combat ORC


Amazon's New Retail Crime Prevention Tool
'A roving security guard in stores to detect break-ins and other threats.'

Businesses Amazon’s Astro robot is now a roving security guard for business

Amazon wants businesses to use its Astro robot as a roving security guard in their stores to detect break-ins and other threats.

Amazon has a new job for its Astro robot: a roving security guard in stores to detect break-ins and other threats.

The company on Wednesday announced Astro for Business, a version of its household robot that it’s framing as a crime prevention tool for retailers, manufacturers and a range of other industries, in spaces that are up to 5,000 square feet. Astro for Business is launching only in the U.S. to start, and it comes at a steep price point of $2,349.99.

“We have been testing Astro in a variety of businesses and have seen firsthand how Astro’s intelligent motion helped provide visibility on blind spots and areas that existing stationary cameras couldn’t see, giving business owners peace of mind because their inventory and property are protected, even when they aren’t there,” Anthony Robson, head of product for Amazon Astro, said in a statement.

Amazon pointed to data from the National Retail Federation, a trade association and advocacy group, showing that shrink, which includes shoplifting and organized retail crime, reached nearly $100 billion in 2022. Major retailers have routinely expressed concerns about theft eating into their profits, but there is little data to prove it, and other factors may be contributing to the issue, such as employee theft or lost or damaged goods, CNBC previously reported.

Amazon is also offering a suite of security products in tandem with Astro for Business for an added fee, such as Ring Protect Pro, which can link Astro to Ring sensors and motion detectors. A virtual security guard service allows Astro to notify remote security centers of a potential threat, such as an unrecognized person, breaking glass or smoke. Remote security agents can then view live footage and call police or emergency responders. cnbc.com


Slow & Steady Progress in Target's Fight Against Shrink & Theft
Target expects shoplifting to remain ‘significant financial headwind’ despite closing troubled stores
Target said it expects shoplifting will continue to be a “significant financial headwind” despite the big discounter’s recent move to shutter locations popular with pillagers — including a store in New York City.

“We think progress there probably doesn’t happen quickly,” chief financial officer Michael Fiddelke said on a Wednesday earnings call with Wall Street analysts.

In 2023, Target faced multiple headwinds, as tightening financial conditions dragged down its top and bottom lines. Higher inventory shrink — loss of items to retail theft, organized crime, damage, vendor fraud, and other factors — have created struggles throughout the year.

On Wednesday, top management admitted that Target’s theft problem — known as “shrink” in industry parlance, continues to dog its 1,956 stores nationwide with no end in sight.

“We’re focused on progress over time,” Fiddelke added. “It’s not one that we’d expect overnight.”

“Growth in shrink remains a significant financial headwind and we’re determined to continue making progress in the years head,” Fiddelke added.

On the positive side, the company said shrink in the most recent quarter was “smaller than expected” and “better than we faced earlier in the year.”  nypost.com  finance.yahoo.com


Retailers Continue to Walk Fine Line with Product Lock-Ups

'Consumer Rebellion' Over Anti-Theft Measures?
Bloomberg: ‘Everything’s Locked Up’: Shoppers Turn to Amazon as Big-Box Retailers Combat Theft

Amazon is poised to benefit most from consumer rebellion

“It’s just crazy, everything’s locked up,” one shopper said. To sidestep the hassle, she has taken to ordering groceries and medication online from Stop & Shop Supermarket and Amazon.com Inc.

Retail industry watchers say her choice is becoming increasingly common. Any retailer with a strong e-commerce operation will benefit from the shift, said Andrew Lipsman, an analyst at Insider Intelligence, but Amazon will do best.

Retailers have been battling shoplifters for decades, but say store larceny has worsened dramatically since the pandemic — driven largely by criminal gangs that steal in bulk. The shoplifting scourge has prompted chains to close locations in particularly hard-hit areas. Retailers also are locking up a lot more stuff.

“It’s like an arms race between the offenders and the retailers,” said Cory Lowe, a senior researcher at the Loss Prevention Research Council, which develops anti-theft solutions for the industry. “Everyone is continuously ramping up in store security.”

In a growing number of stores, entire aisles are lined with locked glass cases. Making matters worse, the retail industry is suffering a severe labor shortage, meaning there aren’t enough salespeople to help customers retrieve locked items in a timely fashion.

Consumers’ growing frustration was captured in a shopper survey released last year by the LPRC. More than 60% of participants said locked merchandise was either inconvenient or very inconvenient, while over 20% said they’d rather order the item online than wait for an employee to open a case. Some said they were embarrassed when asking an employee to help retrieve medications and family-planning merchandise. bloomberg.com


More Harm Than Good? Shoppers Push Back Against Anti-Theft Measures
Target and Walmart have it wrong. Locking up essential products is alienating in-store shoppers

Theft-protection measures may do stores more harm than good if they create an experience so uninviting that customers don’t come back.

A survey from the Harris Poll on behalf of Verkada, a cloud-based security company, finds that 71% of shoppers said that anti-theft deterrent measures—which include locked cabinets or shelves, gated exits and checkout lanes, and limited operating hours—made them less likely to purchase items in-person.

The data, sourced from more than 2,000 U.S. adults in early October and shared exclusively with Fast Company, also finds a generational rift, in that 89% of Gen Z respondents said they’d be more likely to stop shopping at physical stores that incorporate such measures, versus 58% of baby boomers.

It goes deeper: More than half of U.S. consumers say retailers prioritize their inventory over customer safety, and more than two-thirds say frontline retail workers are not equipped to handle criminal behavior, such as violent threats or theft. The backdrop, as has been much reported, is that retailers are blaming retail theft for significant losses, despite solid and better-than-expected earnings numbers. fastcompany.com

The Upside of Locking Up Items?
Target CEO claims customers are saying ‘thank you’ for locking up merchandise
As Target tries to fight theft at its stores, it has left customers frustrated to find many everyday items locked up. Still, the retailer’s CEO, Brian Cornell, claimed many shoppers are actually grateful to see their body wash, toothpaste and deodorant behind a glass panel.

On a media call with reporters discussing Target’s fiscal third-quarter earnings, CNBC asked Cornell if the retailer can quantify the sales lost from shoppers who are frustrated with waiting for employees to unlock cases in-store. He said the shopper response to the policy has been “positive.”

“Courtney, just in the last week I’ve been on the East Coast and on the West Coast in many of those stores that you’ve talked about where, items have been locked up,” he said. “And actually what we hear from the guests is a big thank you, because we are in stock with the brands that they need when they’re shopping in our stores. And because we’ve invested in team member labor in those aisles and make sure we’re there to greet that guest, open up those cases and provide them the items they’re looking for.” cnbc.com

   RELATED: Sephora has locked up all its perfume


Reducing Police Force to its 'Smallest Headcount in Decades'
NYC Mayor Further Cuts NYPD Ranks - $4B Budget Cuts - Migrant Crisis

That across-the-board 5% cut will save the city $3.7 billion through the next fiscal year and take effect immediately, officials said Thursday.

Notably, the city will pause hiring new NYPD officers by canceling the next five police academy classes, reducing the department’s headcount from 34,000 uniformed officers to around 29,000 by mid-2025 — its lowest level since the 1990s. The NYPD had been largely spared from previous cuts Adams ordered last year. crainesnewyork.com


Council on Criminal Justice report in the news: Shoplifting has fallen in many cities

Is Beacon Hill to blame for Massachusetts' retail theft problem?

Employee Surveillance & Tracking - In and Out of the Workplace
Workplace Monitoring Via Video, GPS Has Legal Ramifications
With more employers monitoring workers with cameras and GPS trackers, federal regulators and states have taken steps to strengthen employee privacy rights.

Some employers rely on cameras that record employees and customers throughout company property. Elsewhere, employees have GPS trackers on their company-issued phones, vehicles or wearable devices, letting the employer know where they are.

Companies use these workplace surveillance technologies to encourage productivity, discourage theft, prevent workplace violence, and protect employees, customers and company property. They also use them to make sure employees are doing the work they are supposed to be doing.

Sometimes employers use the data collected by surveillance technologies to discipline employees who fall short of productivity quotas, penalize workers for taking time off or provide individualized directives throughout the workday, according to an October 2022 memo from National Labor Relations Board (NLRB) General Counsel Jennifer Abruzzo.

Federal law generally permits employers to use GPS tracking and videotaping for legitimate business reasons, but state laws vary on employee privacy rights. For example, Connecticut and California prohibit employers from installing cameras in bathrooms, locker rooms, changing areas, breakrooms and employee cafeterias. California also bans audiovisual monitoring of a remote worker's residence or personal vehicle, unless that monitoring is strictly necessary to ensure the worker's health and safety, to verify the security of company or client data, or to fulfill another compelling business purpose.

New York state passed a law in 2021 that requires employers to notify employees upon hiring about the types of electronic monitoring that may occur. Connecticut and Delaware have similar notice laws.

If an employer obtains employees' written consent for electronic monitoring, that can bolster the employer's case in court that the employee did not have a reasonable expectation of privacy, according to the American Bar Association.

NLRB Concerned About Section 7 Rights - CFPB Says Law Can Protect Workers: shrm.org


The Federal Union Push Continues
The Chamber of Commerce immediately pushed back

OSHA Seeks to Add Union Reps to Inspections

Agency also announces alliance with NLRB to promote unionization.

The Occupational Safety and Health Administration (OSHA) has proposed a rule that would allow employees to request that a non-governmental third party—which could be a representative from a labor union—to join an OSHA safety inspection of a non-union employer’s facility.

In a separate development, OSHA and the National Labor Relations Board (NLRB) also announced that they have entered into a formal agreement to work together closely, coordinating their activities in a manner that promotes unionization of the workforce.

Commenting on the OSHA proposal to allow employees and agency inspectors to choose third parties, such as union representatives, to accompany the inspectors when they walk around employer facilities, Marc Freedman, vice president, employment policy for the U.S. Chamber of Commerce, said, “Without question, if OSHA moves forward with this regulation, the agency will be making clear its agenda is no longer focused on improving workplace safety but on promoting organized labor.”

In addition, he stressed that if the new rule is adopted as proposed, it would open the door to other parties with a grievance against the employer to be allowed in if an employee requested them. Think of environmental activists opposed to the use of fossil fuels seeking entry to a refinery, he suggested. ehstoday.com


Largest Starbucks Strike in History of the Company
Thousands of Starbucks workers walk off the job in "Red Cup Rebellion"
Thousands of unionized Starbucks employees walked off the job Thursday on "Red Cup Day," an annual promotion in which the coffee chain gives out reusable cups to customers who order holiday drinks, according to the union behind the protest.

Starbucks Workers United said what it dubbed the "Red Cup Rebellion" is the largest ever work stoppage in the history of the company, a bid to draw attention to ongoing complaints about staffing, scheduling and other workplace issues.

Juniper Schweitzer, who has worked for Starbucks for 16 years, said she loves the company and its ideals but believes it's not living up to them. "They have promised the world to us and they have not delivered," said Schweitzer, who was picketing outside her Chicago store on Thursday.

The labor group has organized about 360 Starbucks stores, a small percentage of the company's more than 9,000 U.S. locations. Starbucks downplayed the impact of the labor action. cbsnews.com


Starbucks workers file more labor complaints with NYC as union goes on largest-ever strike
New York’s Fair Workweek law says that employers have to give their workers regular schedules from week to week, 14 days notice of their scheduled hours and extra pay for shift changes, among other requirements. Starbucks baristas have repeatedly accused the company of running afoul of the law: They have filed nearly 90 complaints with the city related to the law since February. cnbc.com

   RELATED: Starbucks Workers Hold Largest Strike in Company History


Record Thanksgiving Shopping Weekend?
More People Than Ever Expected to Shop During Thanksgiving Holiday Weekend
An estimated 182 million people are planning to shop in-store and online from Thanksgiving Day through Cyber Monday this year, according to the annual survey released today by the National Retail Federation and Prosper Insights & Analytics. This figure is 15.7 million more people than last year and is the highest estimate since NRF began tracking this data in 2017.

According to the survey, three-quarters (74%) of holiday shoppers plan to shop during the five-day Thanksgiving holiday weekend this year. This is up from 69% pre-pandemic, in 2019. The top reasons consumers plan to shop during this period are because the deals are too good to pass up (61%) and because of tradition (28%). nrf.com


Mall visits trend upwards in October

Walmart and Target signal more cracks in consumer spending


Quarterly Results

TJX Q3 Marmaxx comp's up 7%, Home Goods comp's up 9%, overall comp's up 6%, sales up about 9%

Canada's Metro Q4 food comp's up 6.8%, pharmacy comp's up 5.5%, sales up 14.4%

Walmart Q3 U.S. comp's up 4.9%, eCommerce up 24%, Intern. net sales up 10.8%, Sam's Club comp's up 3.8%, consolidated revenue up 5.2%

Bath & Body Works Q3 stores net sales down 1%, Direct net sales down 8%, Intern. down 5%, net sales down 2.6%

Macy's Q3 comp's fell 6.3%, stores & digital down 7%, net sales down 7.1%
 

Senior LP & AP Jobs Market

Dir. Asset Protection (CHEF'STORE) job posted for US Foods -- Remote Position
The Director - Asset Protection will lead the field organization in the mitigation of asset loss and the reduction of financial loss, achieving industry leading results, while maintaining industry leading rates of expense. Work closely with cross functional groups within the company to achieve results. Participate in development and the execution of company Asset Protection programs and strategies. Responsibilities include new store development projects, environmental regulatory compliance programs, and administration of Asset Protection systems, Exception reporting, CCTV and Alarm Systems. usfoods.wd1.myworkdayjobs.com
 

Retailers: Time to Boost Your Holiday Cybersecurity
Keeper Security urges retailers to prep for holiday season cyber threats
Keeper Security, a leading provider of cybersecurity software, has issued a warning to retailers about potential cyber threats during the holiday shopping season. With an increase in customer traffic and sales volume, cybercriminals can exploit the high-stress period of Black Friday and Cyber Monday to target retailers with cyberattacks.

This is the time of the year when cybercriminals look to utilise a range of tactics to gain access to an organisation's systems and valuable data. These include phishing attacks, ransomware, malware, business email compromise and more. Preparing for and actively defending against cybersecurity threats during the holiday shopping season is essential to maintain the security of customers' data and transactions.

Keeper Security suggests several best practices to protect sensitive systems and customer data. According to Verizon's Data Breach Report, a staggering 74% of security breaches involve human errors, such as falling victim to social engineering, stolen credentials, or misplacing passwords. Cybersecurity training should be part of employee onboarding to ensure employees are aware of cybersecurity threats.

All systems and software, including Point of Sale (POS) terminals and e-commerce platforms, should be regularly updated with security patches to protect against known vulnerabilities. Installing regularly updated antivirus software can further defend against the newest threats.

Keeper Security also advises retailers to regularly back up and control access to data, as well as monitor user permissions. A critical part of this process includes reviewing existing data collection practices to ensure organisations understand what user information they are collecting. This includes getting rid of any 'dark data' the organisation is not using. If a piece of customer information is not absolutely necessary, Keeper suggests not collecting it.

Weak and compromised passwords are the largest threat to a retailer's cybersecurity. An enterprise password manager can give IT admins visibility into employee password practices, offering them the ability to enforce strong, unique passwords along with multi-factor authentication (MFA), and help prevent employees from entering their credentials on phishing sites.

Moreover, to protect the network, a strong password featuring a mix of letters, numbers and special characters is advisable. Enabling the firewall feature already available in the majority of routers is equally important. Using a Virtual Private Network (VPN) to allow remote workers to connect securely is also recommended. ecommercenews.co.nz

 
Filing SEC Complaint Against a Victim? That's a First.
Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

A notorious ransomware group has filed a complaint with the US Securities and Exchange Commission (SEC) over the failure of a victim to disclose an alleged data breach resulting from an attack conducted by the cybercrime gang itself.

The ransomware group known as Alphv and BlackCat claims to have breached the systems of MeridianLink, a California-based company that provides digital lending solutions for financial institutions and data verification solutions for consumers.

The cybercriminals claim to have stolen a significant amount of customer data and operational information belonging to MeridianLink, and they are threatening to leak it unless a ransom is paid.

In an apparent effort to increase its chances of getting paid, the malicious hackers claim to have filed a complaint with the SEC against MeridianLink, accusing the company of failing to disclose the breach within four business days, as required by rules announced by the agency in July.

This appears to be the first time a ransomware group has filed an SEC complaint against one of its victims.  securityweek.com


AI Security Holes
Unpatched Critical Vulnerabilities Open AI Models to Takeover

Security holes can allow server takeover, information theft, model poisoning & more.

Researchers have identified nearly a dozen critical vulnerabilities in the infrastructure used by AI models (plus three high- and two medium-severity bugs), which could leave companies at risk as they race to take advantage of AI. Some of them remain unpatched.

The affected platforms are used for hosting, deploying, and sharing large language models (LLM), and other ML platforms and AIs. They include Ray, used in the distributed training of machine-learning models; MLflow, a machine-learning lifecycle platform; ModelDB, a machine-learning management platform; and H20 version 3, an open source platform for machine learning based on Java.

Machine-learning security firm Protect AI disclosed the results on Nov. 16 as part of its AI-specific bug-bounty program, Huntr. It notified the software maintainers and vendors about the vulnerabilities, allowing them 45 days to patch the issues.

Each of the issues has been assigned a CVE identifier, and while many of the issues have been fixed, others remain unpatched, in which case Protect AI recommended a workaround in its advisory. darkreading.com


FBI and CISA Release Advisory on Scattered Spider Group

'Randstorm' Bug: Millions of Crypto Wallets Open to Theft