While the data dump may prove to be legitimate, the tools aren’t: TibanneBackOffice.exe and .app are trojans specifically designed to target Bitcoin-Qt wallets and steal funds. Redditor ultra0 posted a proof after decompiling the executable file. He also explained his process for sleuthing out the source code:
It was created in LiveCode, a tool for easy GUI programming, which actually stores a copy of the code encrypted inside of the executable. I essentially just used a debugger and traced through till I found the code in memory and dumped the section, copying and pasting the interesting parts into this post. Actually, it’s a pretty good way to write wallet stealing malware, had they done this in a more “normal” way, I’d have caught it immediately instead of investing a few hours figuring it out. I almost gave up a few times.
Bulgarian-based hosting service VPSBG quickly deactivated the server used to host the scam, but there’s no telling how much damage was done.
CoinDesk goes onto detail about the contents of the leak, as well as some of the theories behind what the data itself shows.