Can it? Sure. Anything that is accessible through the internet has a vulnerability in some form of another. Whether it would be a technical or a social vulnerability, it can be exploited. If people find security flaws in the software, exploit it in certain ways and abuse it for their malicious intents, I see no reason why that cannot be done. However, it is probably a majorly complicated issue to get into the application, and multiple layers of security protecting it don't make it easier. Another approach is Social. Either phishing or another form of getting employees credentials or access to development devices. If you can’t do it directly, you can always attempt another approach. I would assume that there are security measurements for such issue as well. But it is not all 100% safe. Additionally, I recommend reading other answers here as they are equally insightful. But sometime you may need some professional interference, Just contact cyberrlord @ gmail . com or on whatsapp +1 (510)606-5628