Most large services use a split wallet system where the money is divided into a small "hot" wallet, which handles day-to-day activity, and a "cold" wallet, which stores the bulk of the money offline and behind physical security. A cold wallet can be both physically protected and have spending responsibility divided between multiple parties to avoid internal theft. This has the advantage of minimizing losses if the hot wallet is compromised, but will delay extremely high amounts or rates of withdrawals, as there is a human element (possibly several) in the chain. There is a trade-off in how much money you keep on each side of the split: more in the hot wallet means a higher risk of internet-directed thefts, but higher convenience.
Most companies don't disclose how they make their keys, but one can assume they are hardened BIP32 child keys, or individually produced Bitcoin addresses made on a dedicated system. Usually in this sort of setup everybody will use the standard RNG /dev/urandom, which is a cryptographically secure random number generator designed explicitly for this task.
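As an added illustration (not code from the original answer or from any particular service), the sketch below draws a seed from the kernel CSPRNG behind /dev/urandom and derives hardened BIP32 child private keys from it. The function names are hypothetical; the HMAC-SHA512 construction and the `"Bitcoin seed"` key follow the BIP32 specification.

```python
import hashlib
import hmac
import os

# Order of the secp256k1 group (constant from the curve specification).
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000  # BIP32: child indexes >= 2**31 are hardened


def new_seed(n_bytes: int = 32) -> bytes:
    """Fresh seed from the OS CSPRNG (the pool that backs /dev/urandom)."""
    return os.urandom(n_bytes)


def master_from_seed(seed: bytes) -> tuple[int, bytes]:
    """BIP32 master key and chain code: HMAC-SHA512 keyed with b'Bitcoin seed'."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if key == 0 or key >= N:
        raise ValueError("invalid master key, generate a new seed")
    return key, digest[32:]


def derive_hardened(parent_key: int, chain_code: bytes, index: int) -> tuple[int, bytes]:
    """Hardened private child derivation (CKDpriv with index + 2**31).

    The HMAC input contains the parent *private* key, so a holder of only
    the extended public key cannot compute or link these children, and a
    leaked child key does not combine with the xpub to reveal the parent.
    """
    if not 0 <= index < HARDENED:
        raise ValueError("index must be in [0, 2**31)")
    data = (b"\x00" + parent_key.to_bytes(32, "big")
            + (index | HARDENED).to_bytes(4, "big"))
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    tweak = int.from_bytes(digest[:32], "big")
    child = (tweak + parent_key) % N
    if tweak >= N or child == 0:
        raise ValueError("invalid child key, use the next index")
    return child, digest[32:]


if __name__ == "__main__":
    key, chain = master_from_seed(new_seed())
    for i in range(3):
        child, _ = derive_hardened(key, chain, i)
        # Never print key material; only confirm derivation succeeded.
        print(f"m/{i}' derived ({child.bit_length()} bits)")
```
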