Patching bad practices with stupid fixes
The first big problem is that people are using sensitive data for testing, instead of making up proper test data. If good practices are adhered to in the first place, then hackers won't pick up all those juicy nuggets left carelessly lying about.
The second big problem is a stupid fix like this. instead of replacing sensitive data with valid bogus data, they think that developers and testers should still have access to the sensitive data! Wrong! Generate good test data, and then "fixes" will not be needed.