As i know, witness data contains signature. So, miners could do that without private key if i understood it right.
There is no witness data until you spend the bitcoins. The miners would need to create the witness data if they want to steal the bitcoins. Since they don't have the private key, it is not possible for them to create valid witness data.
As indicated by the link YOU provided:
Non-validating clients would be exposed to the reorganization, ones that are validating would not be.
You also are encouraged to take your sig ad spam nonsense elsewhere. It is not welcome in the Technical areas of this forum.