@zeh
I totally agree with that!! But how about using a burner number from the internet for sign up? Then set a strong registration lock password. You won't need access to the number after that anymore. Of course, it would be nice to do that without a workaround, but still...
Btw, your phone number is sent to the server only in a hashed form. So I imagine plain text retrieval by a third party a very hard task to accomplish...