I personally wouldn't call it a data breach as such if it's just credential stuffing, but it's great that Paypal put out a notice on it so their customers are aware.
I've had an unparalleled experience in getting an MVP live with shuttle[0] - nothing is as fast for deploying a web app with a database to the cloud. For the database I’ve used shuttle’s dedicated SQL DB instance[1] and for the front-end I’ve used shuttle’s static file server[2].
If you are not scared of diving a bit into Rust, I'd a 100% recommend it.