25Nis
Do web-hosting sites like Heroku or Railway expose your database?
I was watching this video https://www.youtube.com/watch?v=Qm7k1CPFkIc about how to steal passwords and the guy mentioned that you can use shodan.io (a site that lists various devices connected to the internet) to find a database you can easily scrape for passwords.
Simply searching "mongo" gives you a list of exposed MongoDB databases as shown here https://www.shodan.io/search?query=mongo
Do web-hosting services like Heroku and Railway have protections in place to ensure that your database can't be discoverable on sites like shodan.io?
