Story image

Kiwi startup helps disrupt major Aus crime ring

A major Australian retailer, Auror, a New Zealand based company and the Police worked together to disrupt an organised retail crime (ORC) ring targeting infant formula and beauty products in Melbourne, Australia.

To protect the anonymity of those involved, references to the retailer and loss prevention manager will appear as ‘The Retailer’ and ‘John’ respectively.

John faces similar challenges to other major retailers when it comes to protecting the assets and people at his company from external risks. He has limited resources, yet works to ensure his team’s efforts are complementary to sales and operations of the business.

John has long held a view that just focusing on catching shoplifters is not an effective approach to reducing unknown loss on its own. 

Unfortunately, there seems to be a nearly endless stream of shoplifting driven by offenders seeking to fund drug addictions and drug operations. 

But what if he could disrupt the black market for the stolen merchandise and take the money out of it for the shoplifters?

He didn’t want to catch one offender, he wanted to close down the black market for the stolen goods. 

To borrow a quote from Daenerys Targaryen in Game of Thrones: “I'm not going to stop the wheel. I’m going to break the wheel.”

What happened?

A prolific offender was identified by John’s team stealing a significant quantity of infant formula and beauty products across a number of stores in quick succession. 

Through Auror, they were able to immediately ascertain her offending history and connect the dots from incidents across their stores.

Given the frequency and value of the offending, The Retailer suspected there would be an active receiving network operating behind the scenes. 

They acted quickly and organised to put the offender under surveillance to see where she was disposing of the goods.

Places and persons of interest identified:

A two-day surveillance operation started at the home of the known offender in the early hours of the morning, where they witnessed her leaving home at 6:30 am to spend the day stealing from 10 of the Retailer’s stores. 

She was then followed to a residential property where she dropped off the goods to an elderly lady in exchange for cash.

Major receiving hub identified:

Activity levels indicated the address was a major buying hub for stolen goods. 

Large quantities of goods were captured on camera being delivered to the house, often by known offenders, with wads of cash handed over in exchange. 

Further receiver addresses were identified through continued surveillance by the team.

John now had strong evidence to go to the Police and work with them to target the receiving hubs identified over two days of surveillance.

Victoria Police conducted a search of six properties, finding more than $300,000 worth of The Retailer’s stolen goods, $500,000 in cash, large volumes of a drug cutting agent and made seven arrests.

Most of the goods recovered were packaged in labelled boxes ready to be shipped to other states and overseas.

Subsequently, the Retailer has seen a decrease in incidents for these hot products across stores around the receiving hub.

Not a bad result for a few days of work, and all within a four week period.

Auror is an NZ based startup and won a New Zealand Innovators Award in 2015.

Article by Auror co-founder Tom Batterbury

SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Verifi takes spot in Deloitte Asia Pacific Fast 500
"An increasing amount of companies captured by New Zealand’s Anti-Money laundering legislation are realising that an electronic identity verification solution can streamline their customer onboarding."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.