It would have been better if the victim imported seeds from his previous wallet.
That would have defeated the purpose of him buying a new hardware wallet. He bought his Coldcard to get away from Ledger that he lost his trust in. Obviously, you have to move away from the old seed phrase also.
It'll be a better security development if they restricts users that use a single dice roll to generate seed phrase.
They can at least add a warning message informing users if the provided number of dice rolls isn't sufficient enough for a safe wallet. After that, it's up to the user to make a greater effort. It's easy to blame the user after something like this, but honestly, I don't know what he was thinking.