In the wake of a federal investigation and cybersecurity challenges, the Houston Housing Authority has seen significant changes within its leadership and operational protocols. According to Click2Houston, Jennine Hovell-Cox has stepped in as the interim president and CEO, a decision made by the HHA’s Board of Commissioners during a special Wednesday meeting, previously serving as vice president and general counsel for the agency since 2022.
David Northern, the former CEO, was put on administrative leave with pay on Oct. 29 amid the investigation related to questionable contracts and projects. Amidst this turmoil, the board held a meeting on Oct. 9 addressing Northern's future but took no action at that time, as reported by ABC13. Accusations from Mayor John Whitmire include inefficient leadership and mismanagement of funds, while Northern defends his record, asserting, "I'm confident this warrantless investigation to try to remove me from my position will turn up nothing."
Additionally, HHA has authorized a significant expenditure on new security hardware and software, totaling $331,096.28 to strengthen its cybersecurity defenses. This move comes shortly after Click2Houston uncovered the agency's network breach in September, which prompted the retrieval of systems within 48 hours after the ransomware attack. HHA's research revealed that despite having what was state-of-the-art firewall technology at the time of purchase, there are now vendors whose hardware surpasses the quality of their current systems.
The security enhancements are aimed to address identified deficiencies, including the implementation of two-factor authentication, updated firewalls, and more robust ransomware protections. The board's meeting noted, "Since the cyber-attack of September 21, 2024, the information technology department has been working towards identifying the hardware and software security systems to enhance and\or replace our existing infrastructure." These measures are part of a drive to ensure that once hackers penetrate the network, they are prevented from remotely accessing additional servers and desktops—an issue HHA found in their security evaluation, as detailed by Click2Houston.