[gwd]

Keep in mind that "breach" here is limited to an information leak. Passwords could be read to achieve a privilege escalation; but a more likely attack would be stealing private keys or other sensitive information. The latter would leave no trace on the target system. So how would you know if your private keys or passwords had been stolen?

[PhantomPhreak]

My question is about publicized hacks of any kind, which I’d still call “security breaches”.

[gwd]

Sure, but what I'm saying is that such breaches may be much harder to detect than typical privilege escalation breaches: there may not be unusual network traffic or unusual file artifacts lying around.

And even if something were detected -- say, someone stole a password and then used it to break in, and that break in were detected; or someone set up a phishing webserver that had the real private SSL certificate -- how would you know whether the password or cert was stolen via speculative execution, or whether it was socially engeneered, guessed or brute forced (in the case of a password), leaked by a disgruntled employee, or stolen by traditional hacking methods (in the case of a cert)?

EDIT: If by "publicized hack", you mean the hacker(s) themselves made a public claim about having used speculative execution, then no, I haven't personally heard of such an instance.