I’ve done some of this professionally as a penetration tester (breaking into the clients information systems, phreaking their phones, and straight up breaking into their facilities). Most businesses these days use VoIP phones, which have their own set of vulnerabilities - they’re ultimately a regular node (like the computer on your desk) with different exploit vectors.
Sadly, most implementations are pretty insecure - operational concerns being the only concerns. Default passcodes, are almost universally in use on both the back end and - especially - on the desk phones.
With mobile phones, you pretty much need to have physical access. It seems like Apple, for example, re-creates the same vulnerability with every software update to its iPhones. This vulnerability makes it trivially easy to slap the phone into emergency mode and gain access to damn near everything stored. That, of course, is beating up on the phone’s owner, rather than the carrier. But is a publicly-known example of hacking a phone and getting potentially valuable information.
It also scares the hell out of 20-something girls who do everything on their iPhones, makes them think you’re a god, and leads to them waking up next to you wondering how this old bastard tricked them into sleeping with them.