Enfield PD on Eli Lilly warehouse break in: 'We did not receive a call'

Start EDIT 2 (added 4:45 p.m. 3/18/2010) I heard back from a couple earlier vmails and emails from ADT spokeswoman Ann Lindstrom. "As a matter of policy, ADT does not comment on active police investigations involving the security industry," Lindstrom said in an email. SSN will continue to follow this story. end EDIT 2 Start EDIT (added 2:30 p.m. 3/18/2010) So I heard it through the grapevine that there's a possibility the police weren't dispatched to this break in. I followed up with a call to the Enfield PD. Here's what happened: I was asked by the call taker to confirm where I worked and what I wanted and was put on hold. I was then transferred to the deputy chief on duty who wished to remain anonymous. The deputy chief checked their records and confirmed they did not respond to the Eli Lilly warehouse overnight between Saturday and Sunday of last week. I asked if they did, in fact, receive a call on the alarm. "We did not respond to Eli Lilly for a burglar alarm or anything else," the deputy chief said. "If they call us to report an alarm, it generates an assignment to which we would respond, and we did not respond, so from that I have to assume we did not get a call." Well, that's not good. end EDIT Wow, this just isn't pretty. It was apparently just like a scene out of a really, really good heist movie--except at the end of the day Eli Lilly is out a lot more than a $9 ticket and $7 tub of corn. Someone was supposedly monitoring this facility and must have gotten an alarm. There must not have been any verification--video or audio--in place. Now, I called the Enfield PD as well as the corporate office of Eli Lilly and couldn't get anyone to share with me who the alarm company was. I guess that's not surprising. However, while I'm not one to kick anyone in the shins, the Wall Street Journal's coverage ran with a somewhat telling pic of an ADT van parked out front the morning after the theft: ob-hw507_0316he_g_20100316194501

Here's how it apparently went down: In the early hours of March 14, an unknown number of thieves scaled the exterior walls of Eli Lilly & Co.'s Enfield, Conn. drug warehouse, cut a hole through the roof (how long must that have taken?), and repelled using climbing gear down into the stockpiles of antidepressants and antipsychotics therein. According to published reports, including stories from the WSJ, the Courant, the Associated Press and USA Today, the history-making thieves took at least a couple hours to locate at least a dozen wooden pallets of desired drugs, painstakingly hoist them up through the hole, load them into a waiting truck and calmly drive away. With $75 million in prescription drugs. That's not only the largest drug heist of its kind, it's also just the latest in a growing trend in recent years, according to an AP report. Far be it from me to blame anyone here, but one has to wonder how this could have happened. How long must it have taken to get this job done? These perps had to have been breaking in, and hoisting those pallets and loading that truck for at least a few hours. None of the published reports says how the in-place security system was circumvented, just that it was. Several reports mention lenses of security cameras being blacked out with spray paint (shouldn't there be tamper alarms on those?) and discs being removed from DVRs (oh, so it wasn't live surveillance but CCTV). I don't want to come off as a commercial, but in this particular situation, the in-place system was blind and deaf (and basically useless). I have to believe that a Sonitrol system would have picked up the sawing through the roof. I also have to believe that a 10-second video clip sent to the central station from a Videofied system would have been cause for dispatch. The point is--and I wrote about this back in October last year--if the alarm had been verified, things might have worked out differently. I'd love to hear from all of you on how this could have or should have turned out differently. And it's not just the drug company that's going to come out a loser here. Their insurance premiums are going to go up, which means drug prices might go up for consumers. The stolen drugs could be tampered with or stored improperly and resold and end up back in the marketplace and bought by unsuspecting consumers. And of course, the security industry in general is a big loser here... I love this line from a Hartford Courant story: "Police were dispatched to the warehouse Sunday about 1:50 p.m., when the theft was discovered, according to a police report. A state police dog was called in to search for suspects, but none was found." Really? That's because thieves (and especially ones as organized as these ones appear to have been) don't stick around till 1:50 p.m. and wait for you to realize the disc has been stolen from your DVR and that the only thing you can do is dispatch a dog to try and follow the scent trail of the criminals... which in this case ascends through the air and up through the ceiling where the dog can't follow. Maybe that sounds sarcastic. Maybe it is. I don't think this is a case where the powers that be should be congratulated for doing all they can. More should have been done by those charged with protecting the premises and assets beforehand. It does very little good to investigate a loss after the loss occurs. So far there are no suspects and no leads, just a whole bunch of people standing around scratching their heads. The WSJ piece also mentions the previous record holder for a drug heist was a $44 million job carried out when the drugs were in transit. My colleague Leischen has covered this growing trend, as well. The WSJ talks with Bob Furtado of Lojack's Supply Chain Integrity unit. I spoke with Bob last year about their move into more traditional security. Perhaps the message here is that good enough just isn't good enough any more. Perhaps it's time to verify all alarms. Perhaps it's time to stop protecting perimeters and locations and begin protecting individual people and assets. It's the security industry's job to see the need before the curve and before the loss occurs.


What about a motion? While I don't at all disagree with you about video or audio verification, I also think a motion detector in the building would've picked up the thieves once they made it through the roof. I am not with Sonitrol, so my approach would be with video verification (which we do), but I can't imagine that a motion wouldn't of prevented this crime. Even with all windows and doors contacted, and with glass break detectors, motions are a good backup solution for someone cutting into a building. I have used optex red walls in industrial settings to prevent this exact thing. It worked.

Hey Jake,

Thanks for chiming in. Check the edit on the blog. I have spoken with the EPD and they've confirmed they did not receive a call for dispatch. That does not mean there wasn't an alarm (through motion, perhaps), just that the alarm wasn't escalated to a dispatch call to the police. That would mean that maybe the call list protocol at the central station is either broken or wasn't followed?

Does anyone know if there is a possibility that they disabled the alarm? Maybe they cut the phone line (no cellular?) before entering. I know that most alarm companies will dispatch after they call the premises. I would be surprised if Lilly was set up differently. My guesses would be there was no alarm, it was disabled, or someone at the central station really screwed up when they were making calls.

It's simple. If this site did not have dual polled communication paths (IP + GPRS) at 60 second intervals then it was under protected.

And yes you're right, for a site of this value, it should have had video verification in place.

[...] Gelinas is a journalist at Security Systems News and has been posting on his blog about the security angle in this [...]

Hey Steve,

It seems hard to believe this would have happened if there were dual communication paths. Or if there had been audio or video verification in place.

Thanks for the comment.

From my experience of the UK & Aussie security industries, this simply would not have been allowed to happen over there. This is especially true of the UK market where a site of this value must have the highest level of protection in order to be granted insurance cover. The insurance company would insist on 60 or 90 second polling on both the primary and secondary paths. The installation company are obliged to provide adequate protection for the premises and the insurance company would usually sign off on the specification so that there are no "misunderstandings". Of course, none of this would stop an "inside job", so let's wait to find out if that was the case here.

You raise a valid point, Steve. And actually, it's one I was discussing with a security industry association officer recently. The facts are not really known. We don't know whether the system had a failure, the criminals had inside help, or the ball was dropped. And in a way, what's more important is how the industry can learn from this and use this opportunity to ask: "Are we doing everything we can to protect the lives and locations, properties and assets we've been charged with protecting?" Thank you for the comment.

Not certain here, but I think that the most newsworthy and maybe most incredulous, was that 12 pallets of drugs are worth $75M. Interested in finding out what the actual loss to Eli Lily will be, as the market value of drugs include the R&D costs and some measure of risk funding for product liability exposure. I would venture the actual out of pocket loss to Lily would be somewhere in the $5M range. Especially because many of the pharmaceuticals are made overseas once production is established, for obvious cost reasons.

Whether the insurance company required an IDS system with video, and redundant communications remains to be seen, but I agree with most of the thoughts on the blog, this job had to have some inside help. I also find it hard to believe that the product was removed via the roof, as that day there were 70MPH+ straight-line winds and anywhere from 4" to 7" of rain that day in the NY-NJ-CT area, which I think would have made a roof-top operation impossible, as well as ruined the product. Media here in NY reports that a truck was loaded via a dock and driven off.

In then end, Lily may wish to do what many jewelers do - have two separate systems from 2 different alarm companies with each having the ability to report each other's alarm and trouble messages, so disabling would require a coordinated, synchronized attack.

I say inside job or insiders helped.

[...] was talking with my editor Sam the other day and we were trying to decide how we could take the unfortunate loss at Eli Lilly and use the incident as the spring board for a valuable discussion on how the industry [...]

Interesting points. it would certainly make more sense if it had been an inside job and the loading dock was used. It will certainly be interesting to see how this plays out as more details are discovered and revealed.

The drug suppliers we had as custmers were required to have DEA approved systems. These were basically extent 2 type with 2 forms of communication, digitial and AA signaling. We used Multiplex direct wire DMP panels. I don't see how they would have been able to penetrate the Drug Cage or Area without internal help. Maybe ADT didn't use AA lne or radio and relied on cell which could have been blocked and the alarm worked, but no communication.

Thanks for the input John. Understandably, the players involved have been tight lipped since the robbery. However, I assume there must have been inside help as well.

The real question will be “Did Eli Lilly require their electronic security contractor to install and maintain the appropriate intrusion detection system?” I’m not referring to a system that would meet the minimum DEA requirements; I’m referring to a system which is designed to detect intrusion in a facility of that type and with that particular target potential. Contrary to some comments; a system can be designed, installed and maintained which will be false alarm free while detecting every intrusion, and still not be susceptible to an “inside” attack. Problem is, it cost good money, it cannot be achieved in the “low bidder” environment, and few companies today are willing to go to that expense.

Interesting point, Malcolm. I've written about it before, when <a href="http://www.securitysystemsnews.com/index.php?p=article&amp;id=ss201002zi... rel="nofollow">price</a> or <a href="http://www.securitysystemsnews.com/blogsm/?p=2174" rel="nofollow">cost</a> is the deciding factor other important considerations--service, the ability to compete--can sometimes be dropped.