Their devices are the only ones that allow users to share their seed with third parties, and the only ones that we suspect have access to all generated seeds at all times.
I'm not going to defend this company that screwed up again, but I would like to clarify, if ledger has the ability to access all generated seeds, then what prevents them from stealing the contents of all their customer's wallets? Are they waiting for the best moment? Waiting for more users to become their "victims"? Until there is evidence (facts) of their abuse of their position, it is impossible to say for sure (about access to all generated seeds) and all our suspicions remain just suspicions.
For me personally, it is a greater danger to use that hardware wallet at all than this danger that they warn about.
Until the Ledger is caught red-handed (if that ever happens), the only way to "
protect yourself" is to buy a hardware wallet from another manufacturer. At least, I personally would not want to risk it and wait for the moment when all suspicions are realized.
By the way, +1 for another fackup on the part of Ledger for compromising the developer's NPM account. This company is becoming a champion with all sorts of troubles. Trick question: if the bank where your money is kept is constantly robbed (for example), would you want to keep your money there? Ledger is constantly getting embroiled in various negative stories.