Stupid if your client is guilty and you trust the database, not so stupid if your client insists they are innocent and the database governance processes are suspect.
That test will run the same way twice unless it has been tampered with, you'd have to be pretty sure before taking a gamble on that. The chances of a false positive are >> the chances of database tampering, why attack the harder target?