What I don't understand is how does the phone number come into play?  How was the phone used rather than the normal email/password login method if 2fa was not enabled?  Did the "hacker" send a text to Elon and say "I forgot both my email and my password, please let me disseminate critically important trading info to the general public immediately"?