It's 'Gatekeeper Week' on the D&D Daily! Follow along in the 'Vendor Spotlight' column below as Gatekeeper showcases LP/AP solutions for the retail industry

---

 

---

The U.S. Crime Surge
The Retail Impact

'Corporate leaders across the United States are on high alert'

UnitedHealthcare CEO Murder Prompts CVS to Take Extra Precautions
CVS removes photos of executives from its website after shooting of UnitedHealthcare CEO Brian Thompson

A CVS spokesman would not comment when asked whether any CVS executives had receved any threats in the last year

CVS Health pulled photos of its executives off its corporate website following the murder of UnitedHealthcare CEO Brian Thompson.

Company spokesman Ethan Slavin confirmed to the Globe that all photos of its executive leadership team were removed last week. Slavin declined to comment further, and did not answer any questions as to whether CVS or individual executives at the company have received any threats in the last year.

Slavin also would not comment when asked if there were other precautions the company was taking to protect executives.

The news comes as other corporate leaders across the United States are on high alert after Thompson was gunned down outside a hotel in midtown Manhattan last week. The masked gunman waited outside for Thompson before shooting him in the back. Police called the attack "premeditated" and "targeted."

The killing has shocked corporate leaders and the public. Some health insurance companies have taken immediate steps to enhance security. After Thompson's murder, UnitedHealth removed the webpage listing photos and bios of its top executives, and many other insurance companies followed suit - including Aetna, which is owned by CVS.  bostonglobe.com


McDonald's Employee Helps Authorities Catch UnitedHealthcare CEO Killer
Brian Thompson shooting: Altoona McDonald's employee recognized man detained from wanted poster

The man was being questioned by detectives in Altoona, Pennsylvania, after he was spotted in a McDonald's restaurant on Monday, according to reports

A man has been apprehended in relation to the fatal shooting of UnitedHealthcare CEO Brian Thompson, after being identified from police-issued wanted posters.

The individual, who was also carrying a manifesto criticizing healthcare systems, was brought in for questioning by detectives in Altoona, Pennsylvania, following his sighting at a local McDonald's on Monday, as per reports.

Upon their arrival, police discovered the man in possession of a firearm believed to be similar to the one used in Thompson's murder, along with a counterfeit ID, as reported by Fox News. The suspect was reportedly seated and using a laptop in the fast food joint when he was recognized.

Thompson, aged 50, was scheduled to address an investor conference when he was fatally shot outside the New York Hilton Midtown hotel on Wednesday morning. Authorities suspect it was a targeted attack, reports the Express US. themirror.com


Lawmakers & Retail Industry Has High Hopes for CA's New Retail Theft Laws
LA Legislators meet with public safety officials to discuss new retail theft laws
On Thursday, city and state politicians met with local public safety officials to discuss ways to implement new retail theft laws.

Speaker of the Assembly Robert Rivas, Mayor Karen Bass and Assemblymember Rick Chavez Zbur met with local law enforcement, business and criminal-justice leaders at City Hall in a meeting of the minds to find solutions to the retail theft issue plaguing Los Angeles.

Zbur is chair of the Select Committee on Retail Theft and helped author the legislative package that goes into effect in January. He said the 10 new laws will make it easier for police to apprehend and convict suspects who are part of retail crime rings.

"One of the things we know is that, if we are going to stop retail crime, what we have to do is make sure that people that are engaging in it, that the likelihood that they get caught is high and that once that they get caught, there's a meaningful consequence," he said.

It is good news for Peter Sedghi, CEO of Luxury Jewels of Beverly Hills. He said that as someone who was the victim of one of the largest smash-and-grab robberies in Beverly Hills, he hopes this makes a difference. spectrumnews1.com


Top Stolen Items: Electronics, Health/Beauty Products & Food Items
Shoplifting Costs Retailers Billions: These Are Most Frequently Stolen Items

Shoplifting in the US is a costly epidemic, with retailers losing over $120B last year.

The trend focuses on easily concealed, high-demand products at major retailers like Walmart and Target, posing a nationwide challenge for store owners and law enforcement.

Electronics, health and beauty products, and food items are among the most commonly stolen goods, Capital One Shopping reports. Small gadgets such as headphones and phone chargers, alongside over-the-counter medications and cosmetics, are frequent targets.

Alcohol, baby formula, and packaged meats are also popular with shoplifters.

At Walmart, small electronics and accessories are frequently stolen, while Target often experiences thefts of clothing, accessories, and essential household items such as laundry detergent, according to RecFaces. The organization attributes these trends to the high value and resale potential of these products.  msn.com


Retail Theft Task Force looking to decrease retail theft incidents in Rapid City, SD

Arlington, VA: County Police 'Holiday Retail Theft Detail' cracking down on crime
 

---

Retail Workers Face Constant Safety Risks
40% of retail injuries happen in year one, Sentry study finds

New report spotlights risks as holiday hiring adds thousands of new workers

As retailers onboard thousands of employees for the holiday shopping rush, Sentry's newly released 2024 Retail & Wholesale Injury Report reveals a key trend: 38% of retail worker injuries happen within their first year on the job. With retailers expected to hire between 400,000 and 500,000 seasonal workers according to the National Retail Federation (NRF), the findings highlight the importance of proactive safety training to protect employees and minimize workplace risks.

"The holiday season is a critical time for retailers, but it also highlights the safety risks associated with onboarding new workers," said Dan Grant, director of safety services at Sentry, a leading workers' compensation insurer. "Short-term hires often lack the job-specific training and support needed to prevent injuries. Our data is clear: prioritizing ongoing safety mentorship from day one can help reduce injuries across the industry."

Industry trends in retail and wholesale operations

The report sheds light on key injury patterns, including:

• Top injuries: Strains and contusions accounted for nearly 50% of all injuries, followed by lacerations and sprains.

• Lost time impact: Injuries resulting in missed work led to an average of 70 lost workdays.

• At-risk workers: Workers under age 30 experienced the highest injury rates, accounting for nearly one-third of injuries of all cases.

"Retail workers face constant physical demands, from stocking shelves to lifting heavy items in the stockroom or warehouse," explained Grant. "Behind the scenes, employees are constantly lifting, bending and reaching to keep up with customer needs. These repetitive tasks can lead to significant injuries. Our goal is to raise awareness of these risks and promote safer working alternatives for all employees while supporting and maintaining critical production goals." prnewswire.com


Is Your Safety Culture Strong?
4 Causes of Safety Culture Problems
Nearly every workplace has safety culture problems. And with good reason-workplace cultures grow slowly and can be killed quickly. Four factors can cause particular trouble for safety cultures and lead to negative attitudes towards safety and increased resistance to safety initiatives.

Don't provide resources for success

It's common knowledge that strong workplace cultures are the byproduct of giving employees the resources they need to succeed. What often gets forgotten is that this is true of every type of culture-including safety cultures.

Employees need to receive a few key resources for any safety initiative. Knowledge and skills are two big ones. After all, you can't expect people to follow safety procedures if they don't know the proper way to do them or lack the skills to actually carry them out.

Lack of leadership commitment

Demonstrating commitment at all levels of the organization is an important cultural factor and there's no better way for leaders to show that they value safety than by arriving at training sessions with a positive attitude. It can be hard for safety managers to convince their bosses to show up, but it's worth making the effort-because seeing upper management roll up their sleeves can have tremendous value on safety culture

Actions and ideals don't match up

It can take years to regain the trust of employees once safety promises are broken and in the meantime, the organizational safety culture will suffer. So make sure that your organization is able to follow through on its stated safety goals. A human factors framework can help to tie it all together.

Safety feedback problems:   safestart.com


Will More Retailers Face DEI Lawsuits & Backlash?
Is Target's DEI Investor Lawsuit a Warning Sign for Other Retailers?
On Dec. 4, Target had its motion to dismiss a lawsuit promoted on behalf of investors denied by the U.S. District Court for the Middle District of Florida, according to Retail Dive.

The lawsuit, launched by conservative advocacy group America First Legal (AFL), indicated that Target had misled investors by failing to include the potential risks of diversity, equity, and inclusion (DEI) and environmental, social, and governance (ESG) campaigns in official disclosure documents. The lawsuit, "Craig v. Target Corp.," was filed by AFL in August 2023 and specifically singled out the retailer's 2023 Pride campaign.

The campaign, as the suit alleges, significantly harmed profits, and investors were not officially made aware of associated risks or "adverse reactions" from consumers.

Whether the suit will be successful or not remains to be seen. Earlier this year, a federal judge in Ohio dismissed a case led by AFL against Hello Alice, a fintech platform also committed to DEI principles, per a separate Retail Dive report. retailwire.com


These 23 States Will Increase Minimum Wages in 2025
Can Businesses, Consumers Handle Higher Costs?
Despite, or perhaps due to, inflationary concerns, at least 23 states are slated to increase their minimum wage requirements for businesses in 2025.

As Ballotpedia outlined, 23 states - in addition to Washington, D.C. - are set to hike minimum wage rates within their jurisdictions. Those states are: Alaska, Arizona, California, Colorado, Connecticut, Delaware, Florida, Illinois, Maine, Michigan, Minnesota, Missouri, Montana, Nebraska, New Jersey, New York, Ohio, Oregon, Rhode Island, South Dakota, Vermont, Virginia, and Washington. retailwire.com


Kohl's to close Stoughton store, lay off 77 workers

Foot Locker's loyalty revamp shows early signs of success
 

Massive Surge in Black Friday Cyber Scams
Darktrace Reports 692% Surge in Black Friday Cyber Scams

AI cybersecurity firm Darktrace reveals increase in brand impersonation attacks targeting retailers, with holiday-themed phishing attacks rising 327%

The retail sector faces mounting pressure from cyber criminals during the holiday shopping season, as attackers exploit the surge in online transactions and promotional communications to target both retailers and consumers. This trend has intensified in 2024, with cyber criminals developing increasingly sophisticated methods to impersonate trusted retail brands and exploit seasonal shopping patterns.

These attacks come at a time when global e-commerce sales continue to rise, creating opportunities for cyber criminals to exploit the high volume of digital transactions and promotional communications. Retailers must balance the need to engage with customers through email marketing campaigns while protecting them from fraudulent communications that could compromise their personal and financial data.

Against this backdrop, cybersecurity AI firm Darktrace has identified an unprecedented rise in retail-focused cyber attacks during the 2024 holiday shopping season, with Black Friday-themed phishing attacks increasing by 692% compared to early November. cybermagazine.com


Protecting Data Is Key
How to Implement Least Privilege to Protect Your Data

Why is the Concept of Least Privilege Vital in Data Protection?

Considering the escalating cybersecurity threats in our digital world, the question of how to implement least privilege to protect your data is becoming essentially crucial. With the rise of Non-Human Identities (NHIs) and the complexities associated with their management, a strategy that secures both the machine identities and their secrets is needed now more than ever. The concept of least privilege, an important cybersecurity design principle comes into play here. But what exactly is the least privilege?

Understanding the Concept of Least Privilege in Cybersecurity

Least privilege is a security concept where an end user is given the minimum levels of access, or permissions, needed to complete his or her job functions. It simply means that NHIs should have no more authorization than necessary to perform their tasks. This can greatly reduce the potential for data leakage.

How does Least Privilege Impact NHI Management?

Properly implementing the least privilege model within NHI management can bring about a host of benefits, offering a distinct difference between non-human and human identities and their respective challenges. Here are some impacts you can anticipate:

• Increased visibility and control: NHIs can be tracked, classified, and managed effectively, providing a centralized view for access management and governance.

• Improved compliance: It helps meet regulatory requirements and enforces policies with detailed audit trails.

• Reduced risks: By ensuring NHIs have only the necessary permissions, the likelihood of breaches and data leaks is significantly lowered.

• Cost savings: By automating the rotation and decommissioning of secrets and NHIs, tremendous operational cost savings can be realized. securityboulevard.com
 

Ransomware Attack Fallout Continues
Blue Yonder investigating data leak claim following ransomware attack

The software supply chain company is widening its investigation after Termite ransomware leaked data it claims is linked to the attack.

Blue Yonder on Friday acknowledged it is investigating claims by a public threat group linked to the November ransomware attack.

An emerging threat group dubbed Termite ransomware claimed credit for the Nov. 21 attack, saying it has 680GB of Blue Yonder data. Security researchers from Arctic Wolf said the claim was posted on a leak site that has only been in operation since October.

Blue Yonder - which initially described the attack as ransomware - said it is working closely with outside forensic experts to address the claims. Its investigation into the attack is ongoing, the company said. cybersecuritydive.com


What makes for a fulfilled cybersecurity career

Trump's pick to run FCC deeply concerned about Salt Typhoon attacks