Hackers may have stolen the credit card numbers of as many as 4,700 online customers of the OSU Bookstore, and hundreds of victims have reported thousands of dollars of fraudulent purchases on their accounts.

The thefts occurred between October 2007 and this May, said Steve Eckrich, bookstore general manager.

He wasn't sure how many illegal purchases were made with the stolen information during that time.

"We would estimate we've been contacted by 200 customers," Eckrich said. Others may have called Oregon State Police or their credit card companies.

The OSU Bookstore's website has been shut down since May 23, when an external breach of its computer system was confirmed.

All of the customers whose information was accessed have been contacted, and advised to terminate those credit card accounts, Eckrich said.

The information stolen includes the customers' names, credit card numbers and billing addresses. Social Security numbers, birth dates and driver's license numbers weren't included.

OSU Bookstore customers first noticed something amiss in March, Eckrich said. There were only about 30 victims, however, so it lacked classic signals of an external computer system breach.

But on May 21-22, a large number of customers called saying they were getting unauthorized charges the day after making a transaction.