Prevent using an existing phone number in MFA

I have activated an MFA through SMS. However, it seems that two users can use the same phone number for MFA. Here’s how they can do it:

  1. User1 registers an account.
  2. User1 logs in and gets prompted with a phone number with MFA
  3. User1 provides their phone number and proceeds with the next login steps
  4. User1 is logged in.
  5. User2 registers an account.
  6. User2 logs in and gets prompted with a phone number with MFA
  7. User2 provides User1’s phone number and proceeds with the next login steps.
  8. User2 is logged in.

I expect step 7 to fail because the number is already used by User1. How do I prevent User2 from using User1’s phone number?

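One way to make step 7 fail, as an added example that is not part of the original post and not any vendor's API: it assumes a backend you control that handles MFA enrollment, and the names `enroll_phone`, `normalize_phone`, `mfa_phone` and `INDEX_KEY` are hypothetical. Numbers are normalized before comparison so that formatting variants collide, and a database UNIQUE constraint (rather than a check-then-insert) closes the race between two simultaneous enrollments.

```python
import hashlib
import hmac
import re
import sqlite3

# Assumption: a server-side secret; the value here is constructed for the demo.
INDEX_KEY = b"constructed-demo-key"


def normalize_phone(raw: str, default_cc: str = "1") -> str:
    """Reduce typed input to +<digits>. Simplified; a real parser handles more cases."""
    s = raw.strip()
    digits = re.sub(r"\D", "", s)
    if digits.startswith("00") and not s.startswith("+"):
        digits = digits[2:]                       # 00 international prefix
    elif not s.startswith("+"):
        digits = default_cc + digits.lstrip("0")  # national format
    if not 8 <= len(digits) <= 15:
        raise ValueError("not a plausible phone number")
    return "+" + digits


def phone_index(e164: str) -> str:
    """Keyed hash, so the uniqueness index does not store raw numbers."""
    return hmac.new(INDEX_KEY, e164.encode(), hashlib.sha256).hexdigest()


def open_store() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE mfa_phone ("
        "user_id TEXT PRIMARY KEY, phone_hmac TEXT NOT NULL UNIQUE)"
    )
    return db


def enroll_phone(db: sqlite3.Connection, user_id: str, raw_phone: str) -> bool:
    """True if enrolled; False if the number (or the user's slot) is already taken."""
    idx = phone_index(normalize_phone(raw_phone))
    try:
        with db:  # commits on success, rolls back on error
            db.execute(
                "INSERT INTO mfa_phone (user_id, phone_hmac) VALUES (?, ?)",
                (user_id, idx),
            )
        return True
    except sqlite3.IntegrityError:
        # Allow the same user to repeat the same enrollment; reject everything else.
        row = db.execute(
            "SELECT phone_hmac FROM mfa_phone WHERE user_id = ?", (user_id,)
        ).fetchone()
        return row is not None and row[0] == idx
```

Call `enroll_phone` only after the SMS code sent to that number has been verified, so an account cannot reserve a number it does not control. Rejecting a number also tells the caller that it is enrolled on some other account, so rate-limit the enrollment step.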