not gonna speak for CoSoSec...but if some rando insider has the ability to do this...that's bad RBAC...all entities managing "customer" (product?) data need to implement zero trust...no one person within twits should have the ability to post on behalf of any account...there's no valid reason for that level of access to exist...
@voltronic @Render I'm watching my own tmeline and I'll change my password after the hack is resolved.