Hacking things is like looking at a wall of various well built-ness, you’re objective is to get a needle from one side of the wall, to the other (by going through it). You scan the wall and search for a week point, a common one being people themselves, and you try and exploit it and break that part of the wall. There’s no one way to hack into things. You could (And I would never condone this without someone’s explicit and written prior consent):

Brute force admin credentials to try and gain access to the system.

If you’re resources are big and the target is big enough, you could go for bribery or even break in to the physical location where the computers are held, stick a usb into a computer and leave a lovely little virus which’ll give you what you want.

Best one is probably by people, email claiming to be IT or some other fake identity, state that you’ll need their email and password for xyz bs reason. Whilst most people probably won’t fall for it, all you need is one high up person who’s not tech savvy enough to spot the scam and then you have access to a whole bunch of information. If you can trick someone high up at twtiter for instance, to click on a scam link or open a nasty virus file, that can be you hacking in and finding what you need.

Generally speaking, the better the security, the more complicated the exploit, whilst I’m not a hacker, I imagine they’d start off with the lower level simple stuff, and then work their way up to the increasingly complicated exploits as their attempts fail