The cause of the recent Twitter breach was social engineering. A type of attack where people are tricked by hackers pretending to be, for example, a technical support personnel, to give away sensitive credentials that could be used for extortion and impersonation.
According to twitter “the attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets”