Hackers used phone phishing on Twitter employee to access internal tools