X’s Safety account posted its own explanation for the high-profile hack on Tuesday night, and laid the blame squarely on the SEC, which it said had not implemented two-factor authentication, a basic security feature. The account was broken into after hackers obtained the phone number associated with the account from a third party, the X Safety account said.
Source: Motherboard