My twitter account was compromised TWICE yesterday, but the people who accessed it didn't change my password or access my DMs

The first breach was around 6AM Est yesterday and the second one was at 1AM EST today

I already had 2FA set up with an app so that wasn't the issue (I think that's why they COULDN'T access DMs or change my password)

I believe it was through an app I had given permission to... is this even possible?

I only gave

@Calendly

permission to access my twitter 2 days ago and I had given

@TweetHunterIO

permission to access my twitter account a few months ago

I've changed my passwords and disconnected both

@Calendly

and

@TweetHunterIO

from my account

I haven't had any issues since then

Maybe this is something

@XCreators

@X

@xDaily

can look more into?

Has anyone else experienced something like this? If so, what could have caused this?