Stories like this are funny, sure, but the correct lesson to take from the "our {junior developer, dog, LLM, senior developer, disgruntled accountant, rube goldberg machine} deleted our entire production database" is not that you shouldn't have had that {junior developer, dog, etc.} but that it should not have been possible for that to happen in the first place, your system architects were so incompetent they didn't set up access control.
Ideally you should use something like an Object Capability model, but even basic rules like "you require the Special Key that we only deploy on production systems to even access the production database" and "our git repository doesn't allow anyone to push anything that deletes history on main unless they have the CTO's ssh key" go a very long way towards preventing this from happening by accident.
If you are currently at a company where you could delete the production database without at least having to do something that involves typing "I am forcing this run right now without oversight and if it breaks anything I will get turbo-fired" you should find out who you can yell at about it.
(if your daily work requires typing "I am forcing this run right now without oversight and if it breaks anything I will get turbo-fired", this is the same problem. If you're writing scripts that inject "I am forcing this run right now without oversight and if it breaks anything I will get turbo-fired" into an automated process, maybe just look for a new job)
