It's cool and all that cold wallets are being secured properly, but hacks and insider thefts most of the times concern hot wallets, and these hot wallets can be emptied by every employee who knows where to dig.
In most cases when it concerns insider thefts, you see that before the actual theft the hot wallet has been topped up (in some cases topped up beyond their regular top up amount) and then emptied.
that's probably not the end of the world in coinbase's case. according to them, they keep <2% of crypto in hot wallets, and the hot wallets are fully insured in the case of a hack or inside job:
Please note that the insurance policy covers any losses resulting from a breach of Coinbase’s physical security, cyber security, or by employee theft.
if the cold wallets are ever breached, the shit will hit the fan though.