The article doesn't say if they were personal or work provided phones. Many people living/working overseas have work and personal phones. Also, almost all of those with personal phones get a local SIM, so they'd get a local non-US (not +1) phone number. I used to be an IT admin with DOS overseas. Updates were enforced, and phones were disabled if they were not upgraded to the most recent version. Starting in about 2019, mobile device security went into overdrive and is very serious now. Additionally, the MDM profiles are quite limiting, so this pushed most people to get personal phones. A huge pain for records retention.