by drdaeman 4505 days ago
At least some mobile operators have an "SMS archive" option that can be enabled and accessed from the self-service site. It requires some time to set up, but an attacker with sufficient time, knowledge and patience may pull off the attack relatively easily. No need for an NSA-grade adversary.

(Even worse, until relatively recently they used numeric passwords (those had to be set from a phone, using DTMF tone dialing). This changed only 3 or maybe 4 years ago. Wonder whether that change was 2FA-related. :) )

So I'm uncertain whether SMS is more secure.