Nobody called it a crisis at first.
That's the thing about package theft at scale — it doesn't announce itself. There's no alarm, no incident report, no single moment where someone says "we have a problem." Instead, there's a slow bleed. A Fortune 500 customer starts making noise. Customer service tickets pile up around missing shipments. And then one day, a VP calls and the conversation turns very serious very fast.
By the time it reached my desk, the situation was already deep.
How I got pulled in
It started with a data pipeline.
A colleague flagged me on an internal project called Shipper at Risk — there was a broken data pipeline and a failing email automation that needed a fix. The kind of ticket that sounds routine until you ask what the system is actually for.
I fixed the pipeline quickly. Then I started asking questions.
What I learned changed the entire shape of the engagement. A Fortune 500 customer — one with a nine-figure contract with FedEx — was threatening to move a significant portion of their volume to a competitor. The reason: merchandise was going missing. Shipments were disappearing, and FedEx couldn't explain where they were going or why. From the customer's perspective, they were paying a carrier that couldn't protect their goods, and they were done waiting for answers.
I started talking to VPs — internally at FedEx, and eventually externally with stakeholders at the shipper itself. The pain was real and it was urgent. This wasn't a negotiating tactic. They were genuinely close to walking.
Getting to work
The first thing I did was stop thinking about this as a fraud problem and start thinking about it as a pattern recognition problem.
The question wasn't "who's stealing packages?" — that's a surveillance question, and it leads you toward reactive tools that flag individual incidents after the fact. The question I asked instead was: what does a package journey look like right before something goes wrong?
That reframe made all the difference.
I started at the shipment level — pulling apart the data for the affected shipper, looking at the characteristics of missing shipments versus delivered ones. Scan sequences. Timing between facility handoffs. Route assignments. The gap between final scan and delivery confirmation. Once I knew what I was looking for, the patterns started emerging fast.
Certain routes across the United States were showing anomalous clustering. The same geographic segments, the same facility touchpoints, appearing over and over in the missing shipment data. This wasn't random loss. This was organized.
What we found
Over an eight-week engagement, the picture that emerged was more extensive than anyone had anticipated.
Some of it was straightforward theft — delivery drivers diverting packages before they ever reached the customer. But some of it was more sophisticated. We found instances of packages being relabeled mid-route: someone would remove the original shipping label, apply a new one, and reroute the package to a temporary address — hotel rooms, short-term rentals, addresses tied to people who'd move on before anyone could connect the dots.
The data pointed us to specific facilities, specific routes, and eventually specific patterns of employee behavior that were statistically distinguishable from normal operations. We brought in leadership at the relevant warehouses and worked with them to act on what we'd found.
By the end of the engagement, over 100 individuals had been identified and terminated — some referred to law enforcement. The crime networks were real, they were operating at scale, and they had been invisible until someone built a system to look for them.
Where the numbers landed
Loss on high-value shipments for this customer dropped 65% — a reduction that a VP directly attributed to this work. The contract didn't churn. The relationship was preserved.
The dollar figure that gets attached to this story — $300M — reflects the cumulative value of what was recovered and protected across the engagement. But the number I find more meaningful is the 65%. That's not a revenue figure. That's a measure of how much better the operation actually got at protecting what it was responsible for.
The real lesson
I tell this story not because of the dollar figure, but because of what it took to get there.
The data existed long before I arrived. FedEx has more operational data than almost any logistics company on earth. The signal was in there — it had been in there, almost certainly, for a long time.
What was missing wasn't data and it wasn't a more sophisticated model. What was missing was the right question. Once the problem was framed correctly — not as a surveillance problem but as a pattern recognition problem — the path forward was clear.
This is almost always how it works in logistics operations. The data is there. The signal is there. The gap is in how the problem is defined.
The pattern is in your data too
I've spent the years since building similar systems in different contexts — estimated delivery date forecasting, computer vision for warehouse quality control, garment measurement automation at ThredUP. The domains change. The underlying dynamic doesn't.
Somewhere in your operational data, there's a pattern that's costing you money. It's probably not obvious. It's probably not what you'd guess if I asked you right now.
But it's there.
I write about ML systems, logistics operations, and building for production. If you're working on a problem that sounds like this, I'd like to hear about it — waugh.joseph10@gmail.com