Could also be a third party service compromise (ex: one used for marketing/scheduled posts) seeing that some of them are business or organizations.
Related to their Cloudflare migration?
I wonder if this accidentally exposed the moderator admin interface.
I was thinking more along the lines of the API auth//access control getting messed up. But a third party service linked to the accounts is more likely.
Unfortunately Twitter doesn't do post mortems of events/outages, so we probably won't know the real story.
[dead]