The company is responsible for the device working. Obviously they are not responsible for ie. resetting passwords the customer forgot.
And who is to tell why the device doesn't boot up anymore? They are, and investigating is likely going to mean having an engineer spend time with the device. And that costs money.
And if the device is cleaned wipe, there is really no proof that the client had done anything bad regarding its securing. It's not going to be an easy situation for a company to handle a sudden surge of 10000 warranty repairs.