When the companies are supposed to store most of their funds in cold wallets, how is it possible that they lose so much in funds? Alternatively, if 107 BTC only accounts for, let's say, 3-5% which might be kept in the hot wallet, then it shouldn't matter, as the company should be able to pay back their customers, if not instantly, then within some time from their operating income.
The fact however remains that if a webserver has access to the wallets, there is always a possibility of hacking. There is not much any of us can do, as the hacks keep evolving, and if you don't know about a vulnerability, then there is not much you can do to prevent it. It's not like the crypto companies are as big as Google that they can be on top of everything. Thus, the only option is to sever the link between the webserver and the wallet server and still make them talk somehow. It's very difficult to do but possible.
YOU ARE EXACTLY RIGHT! The reason exchanges keep getting hacked is because their webservers have some sort of access to the MONEY. Take a look at luapod if this is your type of area. I have already completely separated the handling of users' money from the webserver. The webserver actually has no permission to handle anybody's money. It only builds and signs requests. EVEN though a request is signed, that doesn't mean the backend server accepts it as true. The backend does its own check on the information. You can read up a little bit on how it works at the index page:
http://luapod-web.cloudapp.net/index.lua
If I wanted to, I could have my computer running a VPS with 13 GB of RAM allotted and close all ports, with outbound requests only. I could then use that virtual machine to run the wallets. No ports being forwarded or any direct communications from anything. The servers decide their job based off of the MySQL database they are connected to through a virtual network that is hub and spoke managed.
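
The split described in the reply above, sketched as an added example (not part of the original posts and not luapod's code): the webserver only writes signed requests into a shared queue, and the wallet backend polls that queue and re-validates every request against its own records before acting. Assumptions: in-memory SQLite stands in for the MySQL database, HMAC-SHA256 for the request signature, and the key, table and function names are hypothetical.

```python
import hashlib, hmac, json, sqlite3

WEB_KEY = b"constructed-demo-key"  # hypothetical signing key, constructed sample value

def open_db():
    """In-memory SQLite stands in for the shared MySQL database (assumption)."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        "CREATE TABLE requests(id INTEGER PRIMARY KEY, body TEXT, sig TEXT,"
        " status TEXT DEFAULT 'new');"
        # Assumed writable only by the backend's database account.
        "CREATE TABLE ledger(user TEXT PRIMARY KEY, balance INTEGER);"
    )
    return db

def web_enqueue(db, user, amount, key=WEB_KEY):
    """Webserver side: builds and signs a request. It holds no wallet keys."""
    body = json.dumps({"user": user, "amount": amount}, sort_keys=True)
    sig = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return db.execute("INSERT INTO requests(body, sig) VALUES (?, ?)",
                      (body, sig)).lastrowid

def backend_poll(db, key=WEB_KEY):
    """Wallet side: outbound-only poll of the queue. Returns {request id: status}."""
    results = {}
    rows = db.execute("SELECT id, body, sig FROM requests WHERE status='new'").fetchall()
    for rid, body, sig in rows:
        expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, sig):
            status = "rejected: bad signature"
        else:
            # A valid signature is not enough: re-check against the backend's ledger.
            req = json.loads(body)
            user, amount = req.get("user"), req.get("amount")
            row = db.execute("SELECT balance FROM ledger WHERE user=?", (user,)).fetchone()
            if type(amount) is not int or amount <= 0:
                status = "rejected: bad amount"
            elif row is None or row[0] < amount:
                status = "rejected: insufficient balance"
            else:
                db.execute("UPDATE ledger SET balance = balance - ? WHERE user=?",
                           (amount, user))
                status = "approved"
        db.execute("UPDATE requests SET status=? WHERE id=?", (status, rid))
        results[rid] = status
    return results

if __name__ == "__main__":
    db = open_db()
    db.execute("INSERT INTO ledger VALUES ('alice', 100)")  # constructed sample data
    web_enqueue(db, "alice", 40)
    web_enqueue(db, "alice", 500)
    print(backend_poll(db))
```

The second request carries a valid signature and is still refused, which is the property that limits what a compromised webserver can do with its signing key.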