[evilduck]

First, why are you accessing personal accounts on a company computer? That's reckless all by itself. Your personal information is up for discovery if the company gets into any legal problems. Keep your professional and personal computer uses separate. There's absolutely zero reason you need to be logged in to your personal Facebook and Twitter accounts at work.

Second, Twitter, Facebook and Google all provide enhanced account security options like Passkeys and MFA and it's clear you're not using them. Turn them on (and using your personal devices, not your work provided items) and your employer or any other random hacker is going to have a substantially harder time accessing your accounts.

[0xDEAFBEAD]

Are you sure they're accessing personal accounts on a company computer?

[evilduck]

If the accusation is against the employer, how would anyone at the employer know anything about their account details for personal websites otherwise? The Teams chat snooping is possible and even above-board but it's very unlikely they're chasing down and using your Facebook and Twitter credentials as part of any official company policy or action that's not being disclosed.

I'm not a lawyer but I don't think they have legal grounds to access an employee's personal accounts even if they have captured the credentials over their property. Accessing a third-party computer without authorization (i.e. accessing Facebook using someone else's credentials without permission and just discovered on company networks and/or hardware through normal logging and monitor) is likely a violation of the Computer Fraud and Abuse Act in the US. A company has rights to read any and all data stored on their property but conditions have to be met before they could use that information for any purpose (i.e. a judge orders it because a lawsuit is in progress because you're sending company secrets through personal accounts or something).