As to NSO’s blanket denial of having any access to how their customers use their software, that’s not entirely true by design —they manage the exploit delivery infrastructure for their clients. This is a hard-earned lesson from the HackingTeam days—

HT had a lot of woes attempting to idiotproof their payload building and exploit delivery process. The former was characterized by a prompt urging operators NOT to upload to VT (aimed primarily at dim Saudi operators). Exploits were handled more carefully via support portal—

The support portal required a backdoor created with the HT masternode and a lure document of the customer’s choosing. HT would create the exploit-laced file and host it via a one-time link that the operators could deliver in the method of their choosing.

NSO does something similar—they don’t leave their precious zero-click iOS exploits at the mercy of clients. They host the infrastructure for exploit delivery. That doesn’t entail access to the exfil stolen from victims but it’s certainly enough to identify intended targets.

If I had to guess, a list of numbers that includes actual victims as well as incompatible phones and targets that weren’t successfully infected would come from this infrastructure or whatever support portal was used to nominate infection targets.