Hardware wallet is the most important thing and the only one that can really secure your funds
It is important to not generalize that much as this is not entirely true, there have been many cases in which people buy a hardware wallet from a doubtful source and instead of generating a new wallet they use the seed words which came with their compromised hardware wallet, they make a deposit and the hacker steals the money as those seed words originally belonged to them, so as you can see you can lose your coins as well with a hardware wallet if you are not careful.
Buying it from a doubtful source is the mistake they do in that case. Get it from the real source and you won't have such a problem. If you bought ledger nano from "some guy" then you could lose all that you have, but if you buy it from ledger directly and not from some random stranger, the problem drops a lot smaller.
I personally bought it directly from ledger, took months to get to me because on early days they took your money but then built it later on, so it took months to receive one, but I never had any problems at all because I bought it directly from the source. Nobody in between has ever seen it and I trust them enough to know they wouldn't risk any hacking issues in house.