If you do the decryption in your business logic, and store the key separately (Amazon KMS for example), then if somebody hacks the database directly the data is (slightly more) secure.
Agreed though. Encryption is only a stopgap and the DB should never have been public in the first place.