> Additionally, the spy agency targeted unnamed cellular companies’ core networks, giving it access to “sales staff machines for customer information ...

So these corporations had customers' personal data stolen. I believe they're obligated to inform those customers, and possibly other obligations. (No direct knowledge, just spouting off what I've read during the Target and Home Depot breaches.)