ORC Epidemic is Rapidly Spreading
Retailers Caught Unaware By Smash-And-Grab Theft Have Few Tools To Combat It
San Francisco was an early epicenter of what officials describe as organized retail crime (ORC), but it is rapidly spreading to other cities as well. High-profile instances have been recorded in Los Angeles, Sacramento, Lakewood and Monterey, CA, Chicago, Minneapolis, Miami and New York City where thieves made off with over $80,000 of merchandise from a Givenchy store.

No particular type of retailer is safe either, with drug stores, home improvement stores, department stores, specialty retail chains and small businesses being victimized.

But luxury retailers have emerged as prime targets recently. As notorious gangster Willie Sutton explained his reason for robbing banks “because that’s where the money is,” retail thieves are after the most valuable merchandise they can swipe in a hurry. They find that in luxury stores.

Not just crimes against property

“As these crimes have become more organized and brazen, they have also led to more violence. These crimes are not just property crimes. They impact the safety of everyone in the store,” Ben Dugan, president of the Coalition of Law Enforcement and Retail, said in the RILA statement. The NRF and RILA also acknowledge the ease with which criminals can off-load stolen merchandise through various e-commerce platforms.

Congress called to act, but it may not be enough

With pressure mounting to make it harder for criminals to sell stolen products through online marketplaces, the RILA and Buy Safe Coalition have called on Congress to pass the INFORM Consumers Act, introduced in the Senate by Senator Dick Durbin and in the House by Congresswoman Jan Schakowsky and Congressman Gus Bilirakis.

The bill aims to make it “difficult for retail theft rings to peddle stolen goods on leading e-commerce platforms.” Some twenty leaders from major retailers call for passage of the legislation, including Best Buy, Kroger, Target, CVS, Dollar General, Home Depot, Neiman Marcus, Nordstrom, Ulta, Walgreens, Petco and others.

But under pressure from Amazon and the Coalition to Protect America’s Small Sellers (PASS), which includes Ebay, Etsy, Poshmark, OfferUp and Mercari, much of the teeth in the bill has been removed. forbes.com

CA Retailers Install Anti-Theft Wire
How retailers are trying to stop organized retail theft
In an effort to combat a wave of retail thefts and smash-and-grab robberies, some retailers are setting up coiled wire — ­not unlike what can often be seen outside a prison — to act as a barrier between potential thieves and high-end merchandise.

The product is called concertina or tangle wire, and its Slinky-like design acts both as a deterrent and a means to slow down thieves. It’s also safer than the alternative razor or barbed wires, said Josh Nielsen, the vice president of Adamson Police Products. Although it’s not impenetrable, it does work as a visual deterrent and has the potential to slow down thieves in time for police to apprehend them, Nielsen said.

“If somebody’s running, trying to get through something quickly, they are going to have to navigate it and get tangled up,” Nielsen said. As the security measure is erected at shopping centers including The Grove in Los Angeles, suppliers have said they can’t keep it in stock.

A recent National Retail Federation report found that in response to organized crime and in-store attacks, 50 percent of retailers are dedicating money to specific loss prevention equipment. The other half are turning to technological resources that will help them report activities and track data.

Although incidents of organized retail crime were rising before 2020, a shift toward shopping online, where stolen goods often are sold, has exasperated the issue, according to the NRF. As some retailers wait for a more robust and collaborative response from law enforcement and legislators, security measures such as the concertina wire are additional tools for guarding against theft.

“(Police) are doing (the best) they can with the tools provided, and this is one of those tools that we’re trying to aid them in,” Nielsen said.

Ideally, the responsibility of retail workers and shoppers wouldn’t be placed on one entity alone, Rob Karr, president of the Illinois Retail Merchants Association said. Instead, law enforcement, legislators, retailers and court officials need to work collaboratively to come up with solutions that better protect everyone, he said. kron4.com

House Speaker Pelosi Weighs in on SF Theft Explosion
‘It has to be stopped’: Speaker Pelosi slams S.F. retail thefts as ‘outrageous’
House Speaker Nancy Pelosi on Wednesday joined San Francisco Mayor London Breed in condemning mass retail thefts, calling recent crime “outrageous” and calling for a response.

“It’s absolutely outrageous, obviously it cannot continue,” the San Francisco Democrat told reporters at her weekly news conference. “There is an attitude of lawlessness in our country that springs from I don’t know where ... and we cannot have that lawlessness become the norm.”

Pelosi was asked about Breed’s remarks on city crime from Tuesday, in which she said it was “time that the reign of criminals who are destroying our city ... come(s) to an end” and called for an increased police response and new policies to stop “bulls— that destroyed our city.”

Pelosi made a point of denying that the problem was isolated to San Francisco, saying retailers nationally have asked Congress to step up in response to increases in shoplifting and thefts, but the Bay Area has been rocked in recent weeks by particularly brazen and high-profile mass thefts. Breed had also been speaking about drug crimes and gun violence.

Where does stolen Bay Area merchandise go? The answer points to why retail crime is surging

The speaker did not address any law enforcement or prosecution-related responses, but did say the House had two bills in the works that she hoped could cut back on the thefts.

One would require online sellers to verify their products are legitimate, she said, and the other would hold platforms liable for the provenance of what they sell. Both will be included in a package of legislation intended to address a critical shortage of computer chips, she said.

She noted that the retail theft rings are highly organized and distinct from run-of-the-mill shoplifting, making bills that go after the profit motives so important.

“This isn’t like somebody stealing something to go home because they don’t have the money to buy it, this about stealing for profit,” Pelosi said. “Some of it is again high-level stores ... and some of it is your local Walgreens, but none of it is acceptable and again, it has to be stopped.” sfchronicle.com

Armed Security Guards to Patrol Chicago Neighborhood
Armed Private Security Officers Could Start Patrolling Bucktown This Week, But Organizers Won’t Say How Program Will Work
Armed private security guards are expected to begin patrolling a section of Bucktown on Wednesday, according to emails sent by leaders of the Bucktown Neighbors Association, which is organizing the program.

According to documents distributed by the group, the Bucktown Neighbors Association is working with P4, a private security firm with offices Downtown and in suburban Downers Grove, to provide nightly patrols of the neighborhood in response to carjackings and other crime.

Security guards will patrol the area between Armitage Avenue to the north, Damen Avenue to the west, North Avenue to the south and Paulina Street to the east, according to a P4-branded PowerPoint presentation dated Dec. 1 distributed to some neighbors earlier this month.

The nightly security patrols could begin in the evening and last past midnight, with hours changing depending on the season, according to the presentation. During the spring and summer, the patrols would begin later and last longer.

The board declined to comment on or answer specific questions about the plan. According to a document labeled “P4 FAQs” sent to the members of the group and reviewed by Block Club, the guards will be armed, but they don’t have the authority to arrest anyone.

Responding to a question about “what exactly” guards can do if they encounter a crime being committed, the unsigned document says it’s left up to the “off-duty police officer” and “their years of training.” blockclubchicago.org

Smash & Grab Theft Legislation
Illinois Legislation targets ‘smash and grab’ theft rings to create crime of Organized Retail Theft
A state lawmaker hopes to advance legislation to combat what’s described as “smash and grab” retail theft operations. The issue is a problem in the Chicago area where Chicago Mayor Lori Lightfoot said something has to be done. “We've got to send a message that if you do this you’re going to be held accountable and when we do find them and we do charge them they’ve got to be held in custody, period, full stop,” Lightfoot said at a news conference earlier this week. She was asked about around $1 million in merchandise stolen from a luxury car dealer in Chicago’s Gold Coast.

House Minority Leader Jim Durkin, R-Western Springs, said it’s also happening in the suburbs. He filed House Bill 4275, which would create the crime of organized retail theft with a punishment of up to 15 years in prison if the value of stolen goods is more than $300. The Illinois Retail Merchants Association said they appreciate the proposal, but plan to introduce their own solutions. “While we appreciate Leader Durkin’s continued support of the retail community as well as his efforts to ensure retailers can continue to operate safely in Illinois, we are in need of policies that best addresses the many complexities of organized retail crime,” IRMA President and CEO Rob Karr said in a statement to The Center Square. “To that end, we will soon be unveiling a proposal that advocates for comprehensive solutions.”

Durkin said he’s glad they’re coming forward with something because Democrats aren't doing anything about it. “I’m floored that I have not received or heard any type of angst or at least aggravation from Democratic leaders of this state about this problem,” Durkin said. Democrats at the statehouse who say criminal justice should take a data-driven approach are silent, Durkin said. “Well here’s the data, $4 billion of retail merchandise ripped off in the most violent fashions organized by violent street gangs who know they can get away with it,” Durkin told The Center Square. Lightfoot said everyone in the ecosystem has to work collaboratively, from retailers, to police, to social media companies. thecentersquare.com

Another State ORC Task Force
Connecticut Task Force to Combat Organized Retail Crime

Connecticut Gov. Ned Lamont and AG William Tong have announced the formation of a task force charged with combating the growing problem of organized robberies

Connecticut has formed a task force charged with combating the growing problem of organized robberies at brick-and-mortar retailers, Gov. Ned Lamont and Attorney General William Tong announced Wednesday.

The national issue involves smash-and-grab thefts in which large quantities of relatively inexpensive goods are stolen and then resold online. Tong said this is far more than run-of-the mill shoplifting and involves high-level criminal bosses sending crews out to rob the stores.

The task force will investigate robberies in an attempt to identify the organizations behind them and prevent similar thefts.

The Connecticut task force will include representatives from Tong's office, the Department of Emergency Services and Public Protection, local law enforcement, consumer protection officials and officials from large retailers such as CVS. usnews.com
 
Op-Ed: Retail Theft Coverage Hypes Familiar Pro-Criminalization Narrative

Prosegur Security Introduces the World's First EAS System with an Integrated Ad Platform

Global leader in security technology launches all-new EVO system featuring one-of-a-kind monitoring that pays for itself through advertising revenue

'Disturbing' Software Vulnerability May Compromise Customer Records & Data
Cybersecurity official warns software vulnerability could affect 'hundreds of millions of devices'
The Cybersecurity and Infrastructure Agency (CISA) on Tuesday warned that the Log4j vulnerability could impact hundreds of millions of devices, according to a top government official.

The vulnerability is linked to a commonly used piece of software called Log4j, a utility that runs in the background of many commonly used software applications. CISA convened a conference call on the vulnerability, according to a CISA official.

On the call, CISA Director Jenn Easterly told industry and government officials the vulnerability will be widespread and CISA officials stated hundreds of millions of devices are likely affected and can be exploited by a broad range of threat actors, according to that official.

Members of Congress and private businesses are also sounding the alarm about the vulnerability.

"Basically, it's an open door that could allow a bad actor in to either steal your data to launch a ransomware attack, you name it. It's basically an open door to your system that allows an attacker in," Rep. Jim Langevin, a Rhode Island Democrat, told ABC News.

Langevin, one of the founding members of the Cyberspace Solarium Commission, said this vulnerability could be a problem for companies, as it could "compromise an entire company's system and their database, including customer records and data, on a more individual basis."

Cybersecurity giant Mandiant said it is already seeing Chinese government actors exploit the vulnerability. Companies like Amazon Web Services and IBM are working to issue patches in their software as a stop gap to fix the vulnerability.

Langevin said the seriousness of the vulnerability cannot be understated.

"There's no telling what the bad actors could do to carry out their ransomware attack or steal data, implant something onto a system," Langevin said. “If Log4j is used let’s say on a utility could very easily in that, you know, in the in the middle of winter, go on to a compromise, a gas company's website and shut down the gas pipeline, if you will. And so there could be people significant numbers of people that are without natural gas to heat their homes in the dead of winter. It could cause, obviously damage or loss of life, which is again all very disturbing." abcnews.go.com

Chinese Hackers Pounce on Security Flaw
Hackers Backed by China Seen Exploiting Security Flaw in Internet Software

Researchers call it one of the most dire cybersecurity threats to emerge in years and could enable devastating attacks

Hackers linked to China and other governments are among a growing assortment of cyberattackers seeking to exploit a widespread and severe vulnerability in computer server software, according to cybersecurity firms and Microsoft Corp.

The involvement of hackers whom analysts have linked to nation-states underscored the increasing gravity of the flaw in Log4j software, a free bit of code that logs activity in computer networks and applications.

Cybersecurity researchers say it is one of the most dire cybersecurity threats to emerge in years and could enable devastating attacks, including ransomware, in both the immediate and distant future. Government-sponsored hackers are often among the best-resourced and most capable, analysts say.

Both Microsoft and Mandiant said they have observed hacking groups linked to China and Iran launching attacks that exploit the flaw in Log4j. In an update to its website posted late Tuesday, Microsoft said that it had also seen nation-backed hackers from North Korea and Turkey using the attack. Some attackers appear to be experimenting with the attack; others are trying to use it to break into online targets, Microsoft said.

One of the groups exploiting the security hole in Log4j is the same China-backed group that was linked to a widespread attack on Microsoft Exchange servers earlier this year, Microsoft said. In July, the Biden administration blamed China for the Microsoft Exchange attack and said it had high confidence hackers tied to the Ministry of State Security were behind it. Dozens of other countries also blamed Beijing, which has denied involvement in the hacking. wsj.com

Employees Aiding in Attacks on Own Company?
Survey: Hackers approach staff to assist in ransomware attacks

There are a growing number of incidents where employees within organizations are approached to assist in ransomware attacks, according to a Pulse and Hitachi ID report.

Cyberattackers have approached employees in 48% of organizations in North America to assist in ransomware attacks, according to a report by Pulse and Hitachi ID.

For the study, 100 IT and security executives were surveyed to understand recent changes made to cybersecurity infrastructures, their ability to handle cyberattacks and the role played by politics. The majority of the respondents (73%) were from organizations with more than 10,000 employees.

While the report did not go into details of how companies and employees are being approached, it highlighted that 48% of employees have been directly contacted to assist in the attacks, and 55% of the responding directors said they have been personally approached for the same.

Remote work has influenced the increase in people being approached by attackers, with 83% of the respondents saying the attempts have become more prominent since moving to work from home. csoonline.com

One of Largest HR Firms Hacked
Kronos hack will likely affect how employers issue paychecks and track hours
A ransomware attack on one of the largest human resources companies may impact how many employees get paid and track their paid time off.

Human resources management company Ultimate Kronos Group (known as Kronos) said it suffered a ransomware attack that may keep its systems offline for weeks. To ensure employees are paid, companies that rely on the software are working to find backup plans — including issuing paper checks, some for the first time in years.

Kronos is used widely around the U.S. by businesses and governments to track employees' hours and to issue pay. Its many customers include municipal governments, university systems and large corporations. (NPR also uses Kronos.)

According to a spokesperson for Kronos, the ransomware attack has affected only customers that use a particular product called the Kronos Private Cloud.

"We took immediate action to investigate and mitigate the issue, have alerted our affected customers and informed the authorities, and are working with leading cybersecurity experts. We recognize the seriousness of the issue and have mobilized all available resources to support our customers and are working diligently to restore the affected services," the spokesperson said in a statement to NPR. npr.org

Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft
 

Dollar Stores Moving Online?
From dollar store to your door, some discount chains looking into online shopping

Many of America's leading discount chains have sat out the online shopping boom. Not anymore.

Dollar General, Dollar Tree, Family Dollar (owned by Dollar Tree), Five Below and Grocery Outlet have all started offering delivery from stores over the past year.

They are tapping delivery companies, such as Instacart and DoorDash, relying on the platforms' network of independent contract drivers to pick and deliver same-day orders from their stores. The platforms receive a cut of the sales.

The chains have said in recent months that offering delivery will help them get a cut of spending from existing shoppers who have increased their online buying during the pandemic. The stores will be listed on delivery platforms' websites, and they're betting that they can draw customers who have never shopped with them before.

"We think being online initially here through this pilot with Instacart is a great way for us to introduce the brand" to new shoppers, Grocery Outlet CEO Eric Lindberg said on an earnings call last month. Grocery Outlet, sometimes known as the TJMaxx of supermarkets, announced in October that it was testing delivery at California stores for the first time in its 75-year history.

These companies want customers to shop inside their stores — and until recently resisted offering delivery because of concerns about profitability, how it would impact in-store sales, and lack of demand from their customer base.

Online delivery is notoriously unprofitable, which clashes with discount stores' low-cost operating models. Their ability to sell stuff for cheap hinges on keeping overhead down, so building their own delivery networks, for example, would be prohibitive. ksl.com

Neiman Marcus Group pushes back against e-commerce split
Neiman Marcus Group on Wednesday dismissed the idea of separating its e-commerce from its brick-and-mortar operations. The previous day, the New York Post reported that it is mulling the spinoff of its online operations and its Bergdorf Goodman banner.

In comments to the media sent by email, CEO Geoffroy Van Raemdonck sought to contrast the retailer's strategy with that of Saks Fifth Avenue, which split its online and offline operations earlier this year. "That's not … for us," he said.

Activist investors who favor separation as a way to unlock value have so far reserved it for department stores, which several observers perceive as a sign of that sector's weakness.

As the leader of a private company, Van Raemdonck may have more freedom to dismiss this idea than do Macy's or Kohl's, which are both under pressure to consider a breakup of their online and offline operations. retaildive.com

Another US Amazon web services outage hits Netflix, Slack, Ring and Doordash

E-Commerce Giant Alibaba Fires Employee Who Accused Ex-Boss of Rape

Sanford, FL: $100K in electronics stolen from Sanford Best Buy
Someone broke into a Best Buy in Sanford and took off with about $100,000 worth of electronics, according to police. Police said the crook got into the business through the roof and stole laptops and televisions. Officers released surveillance pictures of a van they said was suspected to be involved in the heist. Police did not provide any information on a possible suspect. Anyone who recognizes the van or has any information on the burglary is asked to contact the Sanford Police Department. clickorlando.com

Chicago, IL: Women Steal Items From Two Magnificent Mile Stores, Use Stun Gun On Security Guard
Two women stole items from two different stores on the Magnificent Mile Wednesday evening, and one of them used a stun gun on a security guard, police said. At 6:31 p.m., the women went into a business in the 600 block of North Michigan Avenue – reportedly the Niketown store at 669 N. Michigan Ave. – and took merchandise, police said. Employees of the store confronted the women, at which point one of the women pulled a stun gun, police said. The women then ran off onto Michigan Avenue. Shortly afterward, the women entered another unspecified store in the 700 block of North Michigan Avenue and stole items, police said. A security guard confronted the women, and this time, one of the women used the stun gun on him, police said. The women then fled, police said. The women were arrested by responding police officers, and charges were pending late Tuesday. The security guard who was stunned was treated and released at the scene. chicago.cbslocal.com

Cranston, RI: Women swipe $5K in merchandise from Victoria's Secret in Cranston
Police in Cranston said they are searching for two women accused of stealing thousands of dollars worth of merchandise from the Victoria’s Secret store in Garden City. They said a worker shortage is partially to blame. The store caught two women on camera leaving the store without paying at about 3 p.m. Friday. "One served as a look out and the other began filling the bag with merchandise in the amount of approximately $5,000," said Maj. Todd Patalano. Patalano said staffing shortages in stores is making it easier for criminals to get away with these brazen crimes. "Due to the fact that they can wander about the store at will, and when they see that opportunity, criminals seize that opportunity to capitalize on theft offenses," he said. turnto10.com

Shorewood, IL: $3,007 Seizure For Shorewood Home Depot Thief
Norman Chappelle, a 44-year-old man from Chicago, may lose $3,007 in cash to the police, according to a new civil forfeiture complaint from the Will County State's Attorney's Office of Jim Glasgow. On Aug. 7, four Shorewood police officers arrested Chappelle after he stole $2,438 worth of merchandise from the Home Depot at Route 59 and Black Road, according to court documents. Will County prosecutors say Chappelle stole the following items: 1 $546 Toro lawn mower, 2 Milwaukee 8.0V batteries worth $398, 2 DeWalt 9.0V batteries worth $438, 1 Milwaukee 12.0V battery worth $219, 1 Keighley LED Crystal Island worth $219. "The Loss Prevention officer had reported at least 12 previous retail thefts involving Chappelle to Detective Frazier of the Shorewood Police Department, (who) was presently conducting an ongoing investigation into those thefts," the forfeiture complaint noted. patch.com

Medford, MA: Multiple jewelry stores in Massachusetts targeted in smash-and-grab robberies
Police are searching for the people responsible for smash-and-grab robberies at several Massachusetts jewelry stores. Surveillance video shared by Touch of Midas in Burlington shows nine people breaking through the front door in the overnight hours between Saturday and Sunday. Those people then used hammers to smash display cases in order to grab fistfuls of jewelry. Those thieves were able to run off before anyone could catch them. Roland Racicot, the owner of Roland's Jewelry, said thieves broke into his 30-year-old Medford business and stole about $15,000 in merchandise the same night Touch of Midas was robbed. The two stores are approximately eight miles apart.

"You work your butt off your whole life and then you see what happens. And that hurts," Racicot said. Some of the items stolen from Roland's Jewelry were for sale while others were waiting for repair. Racicot said police told him that three or four businesses like his were victims of smash-and-grab robberies over the weekend. He also said that he has installed stronger glass in his store's display cases and plans to lock more merchandise in the safe each night.  wcvb.com

Update: San Francisco, CA: 4th suspect arrested in connection to Walnut Creek Nordstrom theft