Reasons:
- If someone (from inside or outside) will steal those passwords and publicly release them, you're doomed, you can instantly close your business.
- Some people use the same password for many services. If some "attacker" can access e-mail address and password, the easiest way is to try if that password also works for that e-mail account.
You don't want this happen.
If you can access someone elses e-mail account, you can request sending forgotten password from victim's various services etc.
