Twitter Inc has struggled for years to police the growing number of employees and contractors who have the ability to reset users’ accounts and override their security settings, a problem that chief executive officer Jack Dorsey and the board were warned about multiple times since 2015, according to former employees with knowledge of the company’s security operations.

Twitter’s oversight over the 1,500 workers who reset accounts, review user breaches and respond to potential content violations for the service’s 186 million daily users have been a source of recurring concern, the employees said. The breadth of personal data most of those workers could access is relatively limited – including such things as Internet Protocol addresses, email addresses and phone numbers – but it’s a starting point to snoop on or even hack an account, they said.