It was speculated that the hack was due to a zero day vulnerability that was exploited to gain access to those accounts, but the reality could be much simpler: an inside job. This is according to a report from Motherboard where they claim to have obtained leaked screenshots and spoke to two sources who took over the accounts.
The sources told Motherboard that they had a Twitter rep do all the work for them where the rep was paid for their services. Due to the high profile nature of the hack, it doesn’t come as a surprise that it could have been an inside job as the report claims that the tool used was actually an internal tool used at the company.
Twitter has since responded to the report where they are saying that they are still investigating the situation to determine if the employee hijacked the accounts themselves, or if they gave the hackers access to the tool. The company also released a statement saying, “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”