LEAKED data on a dark website, allegedly from a Moldovan portal, does not support the hackers’ claims about how they obtained it and raises questions about Moldova’s May 2025 denial that its network had been compromised.
According to Moldova Live, the government launched an investigation after claims that access credentials for the Compensatii platform were offered for sale on the darknet, and Moldova Live reported that the government said the platform is hosted and protected by STISC and accessed only by authorised personnel.
DataBreaches[.]net notes that the Compensatii dataset posted in January 2026 was a .csv containing usernames, email addresses and plaintext passwords, with no dates or timestamps to verify whether it was old or current. Andronachi later said the data were real but old, meaning pre-dating May 27, 2025, which complicates whether the Moldovan authorities erred in prior denials or if new access occurred afterward.
The Bashe Team claims to have data on more than 50,000 unique individuals, and the article urges transparency from Compensatii and STISC about how and when the data were accessed and what steps are being taken to mitigate harm.