Sure, but what I'm saying is that such breaches may be much harder to detect than typical privilege escalation breaches: there may not be unusual network traffic or unusual file artifacts lying around.
And even if something were detected -- say, someone stole a password and then used it to break in, and that break in were detected; or someone set up a phishing webserver that had the real private SSL certificate -- how would you know whether the password or cert was stolen via speculative execution, or whether it was socially engeneered, guessed or brute forced (in the case of a password), leaked by a disgruntled employee, or stolen by traditional hacking methods (in the case of a cert)?
EDIT: If by "publicized hack", you mean the hacker(s) themselves made a public claim about having used speculative execution, then no, I haven't personally heard of such an instance.
