I wonder when the security practices mudge pushed for got put into place at various companies? The company I worked for put those into place between 5-7 years ago: limiting who had access to production, logging access, MDM, security scans on computers, security training, etc... Was twitter behind the curve?