The is not a simple question.
The answer starts out simple. Obviously you start with columns of
- mdl_user - name, email, description ...
- mld_user_info_data - custom use profile field values, if any.
- mdl_user_preferences - not sure if there will be personal information there, but you should check.
But, then you need to start thinking about what users did with the Moodle site. E.g. where there any personal discussions in any forums? If so, they need to be anonymised somehow.
Did any quiz/questionnaire/feedback/survey ask students to submit personal information? If so you need to clean that up.
Any personal comments in Moodle notes or messages?
And so on.
The normal approach to anonymising the data is to replace all the string values in certain columns with random strings.