It's slightly useful if you only give the key to your application servers, and not your database servers. Now you need an application server breach and not just read access to a database.
It's not unheard of for something like a decommissioned database backup to wind up insecure and on the internet without being properly wiped, causing a whole-db leak without anyone actually breaking into a production system.
It's not unheard of for something like a decommissioned database backup to wind up insecure and on the internet without being properly wiped, causing a whole-db leak without anyone actually breaking into a production system.
Not sure it's worth the effort:reward though