Funny thing is that as long as exchanges require login or any kind of identity verification, they inherently need to store enough information that also allows hackers to gain access to the funds stored in the exchange, even if the funds are stored in multiple isolated wallets per currency. They can't scatter the stored data to several servers because that would slow down the trading to halt on high load. Most secure exchanges use two wallets, one for deposits and another for withdrawals... The wallet for deposits is drained whenever it hits certain limit and the funds are moved to the second wallet that is kept completely offline until someone wants to withdraw coins and kept online for only minimum time to submit the transaction to blockchain. This implies hacking the withdrawal wallet requires immediate access to the offline servers that contain the wallet and knowledge of the wallet password that is stored in secure location outside of the server room. It's still possible to hack the deposit wallet because it must be online all the time, but contain only fraction of the total funds for that currency at any moment.