The only thing they can do is the 51% attack, but it will cost millions of dollars to do that.
A 51% attack only happens when a hacker or software cracker finds some point to manipulate the blockchain hash power or make changes in the upcoming records of new blocks of that blockchain ecosystem. It doesn't need any kind of money, but it needs more knowledge of cracking or the ability to make changes in the blockchain. In the past, Ethereum Classic faced the 51% attack because of some exchange's API's low durability.
They are good at finding security loopholes and API attacks; that's why most of the time they are successful in exploiting exchanges. That's why the golden rule is: don't put too much money in an exchange, so that you won't lose that much when attacks go to work their magic.
In this case, you are right. We should always use personal wallets whose private keys are owned by us, not by exchanges or others.

By this, no funds will be lost in a hacker's attack.
