The same Twitter-posting Apple employee noted in a thread last week that they had intended EFI checks to ship in Sierra. This indicates that Apple has been considering EFI as an attack vector for at least a couple years, and may perhaps (!) be aware of the risk category.