A friend of mine was recently hacked, but he did not lose anything that was on hardware wallets.
Yeah, it's better to have most funds in a hardware wallet and that is because when someone accessed it without authorization, they're hardly get it because there's an authentication that shall go through with the device itself (hardware wallet) and without such access to the HW, they're unlikely to touch the funds that are kept there.
OP is just explaining that everyone can add as much as addresses as they can even in other networks under one seed phrase provided by Metamask.
For the most popular wallets in the world, most of the exploits are developed by hackers. If you store money on software wallets, you will still lose it as a result of inattention. A $70 hardware wallet protects against such threats. But if the user is inexperienced and uses unknown smart contracts, then even a hardware wallet will not help him.