Real-World Breach Mappings
Every technique in ASTRA is mapped to at least one publicly disclosed breach. This page collects all mappings in one place.
The goal: connect abstract attack techniques to real incidents so that the risk is concrete, not theoretical.
| Breach | Year | Organisation | Records / Impact | ASTRA Technique | Reference |
|---|---|---|---|---|---|
| Twitter / X API | 2022 | Twitter / X Corp | 5.4M user records | ASTRA-AUTHZ-001 | BleepingComputer |
| Optus Australia | 2022 | Optus (Singtel) | 10M customer records | ASTRA-EXFIL-001 | ITNews |
| Peloton | 2021 | Peloton Interactive | All user profiles publicly accessible | ASTRA-AUTHZ-001 | Tenable |
| Peloton API spec | 2021 | Peloton Interactive | Full API schema exposed | ASTRA-REC-002 | Tenable |
| T-Mobile | 2021 | T-Mobile | 50M+ records | ASTRA-REC-001 | WSJ |
| Coinbase | 2021 | Coinbase | Trading manipulation | ASTRA-AUTHZ-002 | HackerOne #1369820 |
| Auth0 / jsonwebtoken | 2015 | Auth0 + downstream apps | Authentication bypass — all users | ASTRA-AUTH-001 | Auth0 Blog |
| HackerOne GraphQL | 2020 | HackerOne | Internal schema exposed | ASTRA-REC-003 | HackerOne #291531 |
Know a breach we should add?
We accept mappings to any publicly disclosed breach where the root cause is confirmed and maps to an ASTRA technique.