|No such thing as a small change|
One table might contain half of the digits of the CC and another one the other half; a third table (or more) might contain the rest of the data.
Now you need a table that holds all the relations between them. That table should be encrypted using MD5 or something similar. (Better not forget to change the passwd/encryption string.) Don't save the data on your webserver; better to forward it as encrypted info to your "eyeball.backedup.lockedup.secured.intranet" server :-)
Each time a client wants to buy, just make sure that he is who he claims to be by using some kind of authentication, and then only forward references to his user info stored on your intranet server, where you need some tool to generate the billing process, because you can also bill a CC in the real world.
That's just an idea :-)
But you could also use a third party for that process so they get blamed if they get hacked :-)
Have a nice day
All decision is left to your taste
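The reference-forwarding part of the idea above, as an added example that is not part of the original post: the web tier keeps only an opaque reference, and the intranet side resolves it after checking that it belongs to the authenticated customer. `CardVault`, `WebShop` and the in-memory dictionaries are hypothetical stand-ins; encryption at rest and the network hop between the two servers are left out.

```python
import secrets


class CardVault:
    """Stand-in for the intranet server: the only place card numbers live."""

    def __init__(self):
        self._records = {}  # reference -> (customer_id, card_number)

    def store(self, customer_id, card_number):
        ref = secrets.token_urlsafe(16)  # random, carries no card digits
        self._records[ref] = (customer_id, card_number)
        return ref

    def bill(self, customer_id, ref, amount_cents):
        record = self._records.get(ref)
        # Refuse unknown references and references owned by someone else.
        if record is None or record[0] != customer_id:
            return None
        card_number = record[1]
        # Billing would happen here; only a masked receipt leaves the vault.
        masked = "*" * (len(card_number) - 4) + card_number[-4:]
        return {"customer": customer_id, "amount_cents": amount_cents,
                "card": masked}


class WebShop:
    """Stand-in for the web server: it stores references, never card data."""

    def __init__(self, vault):
        self._vault = vault
        self.refs = {}  # customer_id -> reference

    def register_card(self, customer_id, card_number):
        # The card number is passed through and not kept on this tier.
        self.refs[customer_id] = self._vault.store(customer_id, card_number)

    def checkout(self, authenticated_customer_id, amount_cents):
        # The caller must already have authenticated the customer.
        ref = self.refs.get(authenticated_customer_id)
        if ref is None:
            return None
        return self._vault.bill(authenticated_customer_id, ref, amount_cents)


if __name__ == "__main__":
    vault = CardVault()
    shop = WebShop(vault)
    shop.register_card("alice", "4111111111111111")  # constructed test number
    print(shop.checkout("alice", 1999))
    print(shop.refs)  # what a web-server compromise would expose
```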