I am sorry but either from the article or discussion here, I am not exactly clear what has happened. Can someone explain ? Meaning did the user accounts on Twitter got hacked or the actual company websites ? Or both ?
At this point, no one really knows much other than that they've managed to get several prominent Twitter accounts to post scam messages. There were also replies posted and tweets pinned and recovery emails reset, so the attack seems deeper than just "ability to post a new tweet".
Some accounts were protected with 2FA, so it probably is some exploit in the API which affects many accounts (possibly all?), some intrusion in the Twitter infrastructure, or some exploit which allows people to hijack accounts. But that's really just an educated guess.
Considering it doesn't seem fixed yet, I'm not even sure the Twitter people have a complete understanding of what's going on yet.
