Suppose a company wants to implement 2FA for its users using a phone number OTP system, but does not really want to store their phone numbers, as the database could get breached and phone numbers are considered private.
What they intend to do is store some kind of hash of the phone number. When a user logs in, they provide their original phone number, which would then be verified against the hash, and an OTP will be sent if it matches.
A simple hash is definitely out of the question because of how ridiculously easy it is to crack 10-digit phone numbers.
Two possible solutions seem to be a slow hashing algorithm and salting.
I found that ProtonMail does something similar using salt rotation.
How would one implement something like this? Is it feasible? Is it possible to have some sort of protection even after a complete breach (including the salt)?
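
The scheme described in the question, as an added example that is not part of the original post: a per-user random salt plus a slow hash (scrypt) for enrollment and login verification, with a helper that estimates how long trying all 10^10 numbers against one leaked record would take. The scrypt parameters, function names, sample phone number and the 50 ms per-guess figure are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Assumed scrypt cost parameters (not from the post); tune to your hardware.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1
KEYSPACE = 10**10  # every possible 10-digit number, as in the post


def normalize(phone: str) -> bytes:
    """Keep digits only so formatting differences do not change the hash."""
    digits = "".join(ch for ch in phone if ch.isdigit())
    if len(digits) != 10:
        raise ValueError("expected a 10-digit phone number")
    return digits.encode()


def _derive(phone: str, salt: bytes) -> bytes:
    return hashlib.scrypt(normalize(phone), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)


def enroll(phone: str) -> dict:
    """Return the record to store: a random per-user salt and the slow hash."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": _derive(phone, salt)}


def verify(phone: str, record: dict) -> bool:
    """Re-derive from the number typed at login; compare in constant time."""
    try:
        candidate = _derive(phone, record["salt"])
    except ValueError:
        return False
    return hmac.compare_digest(candidate, record["hash"])


def worst_case_days(seconds_per_hash: float, parallel_workers: int = 1) -> float:
    """Time to try the whole keyspace for ONE leaked record (salt known)."""
    return KEYSPACE * seconds_per_hash / parallel_workers / 86400


if __name__ == "__main__":
    rec = enroll("555-010-0199")          # constructed sample number
    print(verify("(555) 010-0199", rec))  # same digits, different formatting
    print(verify("5550100198", rec))
    # At an assumed 50 ms per guess: ~5787 days on one worker, ~5.8 on 1000.
    print(worst_case_days(0.05), worst_case_days(0.05, 1000))
```

The salt forces the search to be repeated per record and the slow hash multiplies the cost of each guess, but the bound is still the 10^10 keyspace divided by whatever hardware is applied to it.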