Part of the allegation seems to be that the beneficiaries may be foreign state actors who have infiltrated the organization.
Not particularly shocking as they'd have to be incompetent to not try to infiltrate a major communications platform, and if the internal controls are as bad as alleged (and has exposed in some of the prior hacks, e.g. the control panel screenshots) they'd have to be incompetent to fail.
A friend I trust quit after being at twitter only a few weeks specifically because of the atrocious lack of internal security controls. When I spoke to them the first thought I had was “this sounds like a gold mine for spies”, so this story today makes perfect sense to me.
Not particularly shocking as they'd have to be incompetent to not try to infiltrate a major communications platform, and if the internal controls are as bad as alleged (and has exposed in some of the prior hacks, e.g. the control panel screenshots) they'd have to be incompetent to fail.