The U.S. Department of Housing and Urban Development (HUD) Office of Inspector General (OIG) conducted an evaluation of the operational effectiveness of information technology (IT) security controls for the HUDUSER system, which is operated by HUD’s Office of Policy Development and Research (PD&R). The OIG identified four significant weaknesses involving website security, underscoring the need to strengthen technical security controls. To address these findings, we provide eight new recommendations, which will be formally tracked by our office. These recommendations are designed to enhance HUD’s IT security posture by preventing web-based threats from exploiting the HUDUSER system, ensuring the integrity and confidentiality of sensitive information. The OIG has determined that this report contains sensitive information and is therefore not appropriate for public disclosure.
| Report Date | Agency Reviewed / Investigated | Report Title | Type | Location | |
|---|---|---|---|---|---|
| Department of Housing and Urban Development | The HUDUSER System Had Exploitable IT Security Weaknesses | Inspection / Evaluation | Agency-Wide | View Report | |
| Federal Deposit Insurance Corporation | DOJ Press Release: Chinese National and Ringleader Sentenced to 12.5 Years in $27 Million Multinational Fraud and Money Laundering Scheme Targeting Over 2,000 Seniors | Investigation | Agency-Wide | View Report | |
| Department of Justice | Audit of the National Institute of Justice Artificial Intelligence Research and Development to Support Community Supervision Services Cooperative Agreement Awarded to Purdue University, West Lafayette, Indiana | Audit |
|
View Report | |
| Peace Corps | Review of the Peace Corps’ Compliance with the Payment Integrity Information Act for Fiscal Year 2025 | Audit | Agency-Wide | View Report | |
| Department of War | Audit of Interface Controls Over the DoW’s Advancing Analytics Repository | Audit | Agency-Wide | View Report | |
| Department of War | Operation Enduring Sentinel and Other U.S. Government Activities Related to Afghanistan (OES) | Other | Agency-Wide | View Report | |
| Department of the Interior | Summary: Gas Company Failed to Report Federal Mineral Production or Royalties | Investigation | Agency-Wide | View Report | |
| Department of Labor | U.S. Department of Labor's Purchase and Travel Card Risks Assessed as Very Low | Audit | Agency-Wide | View Report | |
| Federal Deposit Insurance Corporation | DOJ Press Release: Fraud Promoter Pleads Guilty to Federal Bank Fraud Charges Involving Manipulation of Stolen Checks | Investigation | Agency-Wide | View Report | |
| Federal Deposit Insurance Corporation | DOJ Press Release: Federal Jury Convicts Virginia Man on Charges Relating to the Deletion of U.S. Government Databases | Investigation | Agency-Wide | View Report | |