When more than one person needs access, like say a social media team, then usually the 2FA has to be piped into some mechanism for the entire team to get it otherwise things get very frustrating very fast and then it gets turned off. So it’s entirely understandable that it’s either off or not as much of a preventative as you might think.
Twitter should implement a feature to allow different people to manage a shared account with a separately set up 2FA for each individual that needs access to the account. It would be entirely feasible to do so, and Twitter is a 36B USD company so they should be able to implement it.