Substitute Notice

Endo Group, LLC  – Notice of Data Security Incident

Nassau County, New York— January 27, 2025— Endo Group, LLC (“Endo Group”) has notified certain individuals of a recent incident involving the unauthorized access of personal information.

On December 31, 2024, Endo Group confirmed that a data security incident impacted certain personal information related to certain of its patients and a limited number of employees.  Specifically, on October 1, 2024, Endo Group learned that an unauthorized third party had accessed two Endo Group email accounts.  Upon thorough investigation, Endo Group determined that such unauthorized access occurred between April 15, 2024 and July 18, 2024.  Based on a review of the unauthorized third party’s activity, the unauthorized access was determined to be financially motivated and targeted at the organization, not individuals.

Categories of information varied for each affected individual and may have included the following: name, date of birth, contact information, and clinical information such as the name of the treatment facility, the name of healthcare providers, medical diagnosis and treatment information, health insurance and payment information, medical record number, and date(s) and time(s) of service.  For a limited subset of individuals, the affected information may have also included Social Security number, driver’s license or other ID number, and credit card or financial account information.  There is no evidence that any of this information has been or will be publicly disclosed, or that any information was or will be misused for fraudulent purposes as a result of this incident.

Endo Group has taken steps to protect the confidentiality of patient information and to prevent this type of incident from occurring in the future.  Such steps include re-training employees and implementing additional technical safeguards.  Endo Group also notified law enforcement about this incident.

Endo Group is providing complimentary identity restoration and fraud detection services to affected individuals for twelve (12) months, unless a longer time period is required by applicable state law.  Individuals with questions regarding this incident can visit or call -833-931-4373 between 6:00 AM EST and 6:00 PM EST, Monday through Friday, excluding major holidays.

This notice is being provided in accordance with the substitute notice requirements under applicable law.

Compliance HelpLine
QR Code for Ethics Point Site

We encourage employees, medical staff, vendors, patients, and business partners to report to Janice Stewart,
Compliance Officer at 516.266.5014 or the Compliance HelpLine any actual or suspected violations of the Center’s
policies and procedures and/or federal or state law. Calls received by the Compliance HelpLine are most often
inquiries but can sometimes be reports of potential misconduct. Our investigatory process includes many methods to
determine whether any misconduct occurred. Compliance takes all calls seriously. Inquiries are reviewed by the
Compliance Officer and may also be reviewed by other applicable departments.
The Center’s Compliance HelpLine is available 24 hours a day, even days a week. Compliance HelpLine callers may
remain anonymous and those who choose to give their name will have their identities protected to the extent allowed
by law. The Compliance HelpLine has multi-lingual operators who can take reports from individuals whose first
language is not English. The Compliance HelpLine can be reached by calling (800) 894-3226 or by visiting www.Northwell.ethicspoint.com online or by
scanning the QR code.