Bartell Hotels issued a notification that the payment card processing systems used at five of its San Diego locations were compromised and personal information – including credit card numbers – may be at risk.

How many victims? Undisclosed. The privacy counsel for Bartell Hotels did not return a Wednesday request for the information. 

What type of personal information? Names and credit card numbers.

What happened? Bartell Hotels' investigation determined that the payment card processing systems used at five of its locations in San Diego were compromised by a third party attacker and the personal information may have been exposed.

What was the response? Law enforcement and credit card brands have been notified. An investigation is ongoing, but the “root of this problem” has been addressed and remediated. All impacted individuals are being offered credit monitoring and identity protection services.

Details: The five impacted hotels include the Best Western Plus Island Palms Hotel & Marina, The Dana on Mission Bay, Humphreys Half Moon Inn & Suites, Pacific Terrace Hotel and the Days Hotel–Hotel Circle. The incident occurred between Feb. 16 and May 13.


UPDATE: In a follow-up statement emailed to on Thursday, Richard Bartell, CEO of Bartell Hotels, wrote that the potential number of affected customers is estimated to be between 40,000 and 45,000. Bartell wrote that expiration dates may have been compromised, as well. "We have begun the process of notifying those whose information may have been affected," Bartell wrote. "This includes delivering written notification to 16,432 individuals for whom we have mailing addresses."