I recently revisited parts of the phone hacking coverage (mainly related to the activities of NotW), and it seems that this was never framed as a security failure at the mobile phone operators who ran the network and provisioned the attacked services. Is there any explanation for this?