[jmull]

My clever idea to explain this is:

It's a factory test script is getting triggered on the watch somehow.

It would normally be run near the end of the manufacturing process to ensure everything is working as expected. It automatically runs through a series of steps hitting a wide swath of watch functionality and would look a lot like someone rifling through a watch remotely. But a persons watch wouldn't have test data or factory password, so the script soon ends up getting the watch locked (or maybe that's just part of the test).

It could even conceivably type the message "We are in control" (though I have my doubts about that part of the story), because, as those of us who know some hardware verification folks, that's right where their sense of humor is.