There's not just hacking to worry about. I've seen a situation where we have a Production server and a Test Server running a copy of the production database. We run a process on Test that deletes a large number of records. Part of this process failed, because an obscure part of the software configuration contained a connection path to the production database! If we had been using the same login accounts & service accounts for Test & Production, it would have been a disaster. Since then I've made sure that accounts used on test systems have no permissions on production systems.