Hardware wallet has one weak link, and it's about the human factor. No one can control this, although we are constantly warned about the importance to not import/type our seed words nowhere except in the hardware wallet itself. (Ledger recovery sheet warning)

There are many ways to protect your wallet hardware wallet, from storing it in safe place, but also to keep your backup (seed) also in safe place (different place then hardware wallet) and to add passphrase as extra protection to seed.

If after all warnings someone does a stupid thing like the one mentioned in the OP, then unfortunately it does not deserve any empathy. I would put something like this in the category of giving someone your ATM card along with PIN because he promised to increase your account for some extra money. Would you do that?