Seems his nsec is safe, unsure on tweets
Discussion
I can see how of he used phone # for 2fa causing issues where they hijack all accounts using that method but I don't know of any nostr client that uses 2fa to recover an nsec. But I may be wrong.
It was more thinking he may have the nsec saved in a service that sms would let the person access