This could have been entirely innocent. It happened to an android device I am familiar with as well. Third-party screens will usually identify over i2c/spi/whatever the same as original, but you cannot apply original firmware updates to them (they are different internally and will get bricked). However, as they are designed to appear original, there isn't always a way to tell. The two options both suck: do not ship firmware updates (bad) or ship them and risk damage non-original screens (marginally less bad). The choice in the case I know of was made to not ship update (it was minor). Apple chose otherwise.
This article is lacking a critical piece of investigative reporting: Has this issue affected anyone who used — with proof! — an Apple Authorized Service Partner in current standing to repair their phone?<p>EDIT: They’re very clear that it’s aftermarket screens, but that’s no excuse for failing to say it plainly. Authorized shops have tools that can fix the crypto-pairing between the screen and sensor chip. Unauthorized shops don’t. Either we have secure phones or we have insecure phones. Unauthorized service providers would have you prefer the latter.