insider trading
"the attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems,"
This is an attack from inside the security model. This is equivalent to an Intel processor side channel attack.
*Some* employees will always have access to tools which permit account access, at the very least enabling a credential reset. *Some* can modify system code! If those employees go rogue, or stupid, then it's game over. There's no mystery to that.