The title is a bit misleading; the flaw isn't in the encryption method itself, but rather in the randomness of the numbers used to generate the secret keys on some Web sites.
Good encryption depends on good randomness. That's true even of one of the simplest and most secure of all encryption methods, the one-time pad (a grid of random letter substitutions, used once and then thrown away). Even very subtle non-randomness can mess up encryption.
During WWII, the Allies often used one-time pads to encrypt communication with spies in enemy territory. The one-time pads were made by a person who shook a container full of balls that had letters printed on them and drew balls out of the container at random. But randomness doesn't work the way human brains think it does; it doesn't produce even distributions, and there is often "clumpiness" or repeated runs in a truly random sequence. The people drawing out the balls would sometimes not write down the letters exactly as they drew them; they would think "Wait, I drew too many letter Ts in a row, I will just draw again rather than write down another T." This introduced very subtle non-randomness into the sequences that on a few occasions allowed enemies to crack the code.
I saw a really interesting demonstration on TV by a professor who teaches statistics and probability at a college level. On the first day of class, she divides the class into two teams. One team is asked to flip a coin 100 times and write down the results exactly as they are flipped. The other team is asked to try to make up and write down a series of 100 "heads" or "tails" without flipping a real coin. When both teams are done, she comes into the room and tries to guess which one is the real sequence of coin flips and which one the team just imagined would be random. She can spot the real random sequence and the sequence the team just made up almost 100% of the time.
Randomness is hard.
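An added example, not part of the original comment: one way to spot a made-up sequence of flips is to compare its longest streak with what a fair coin produces, since real sequences are "clumpy" and imagined ones avoid long runs. The function names, the 5% threshold and both sample sequences are assumptions constructed for illustration.

```python
from itertools import groupby


def longest_run(flips):
    """Length of the longest streak of identical symbols in the sequence."""
    return max((len(list(group)) for _, group in groupby(flips)), default=0)


def prob_longest_run_at_most(n, m):
    """Exact probability that n fair coin flips contain no run longer than m."""
    if n == 0:
        return 1.0
    if m < 1:
        return 0.0
    # state[r]: probability that no run has exceeded m so far
    # and the run currently in progress has length r.
    state = [0.0] * (m + 1)
    state[1] = 1.0
    for _ in range(n - 1):
        nxt = [0.0] * (m + 1)
        nxt[1] = 0.5 * sum(state)          # next flip differs: a new run starts
        for r in range(1, m):
            nxt[r + 1] = 0.5 * state[r]    # next flip matches: the run grows
        state = nxt                        # runs that would pass m are dropped
    return sum(state)


def looks_made_up(flips, alpha=0.05):
    """Flag a sequence whose longest run is improbably short for a fair coin.

    alpha is an assumed significance threshold, not a value from the comment.
    """
    p = prob_longest_run_at_most(len(flips), longest_run(flips))
    return p < alpha


# Constructed sample data (not real coin flips), 100 symbols each.
IMAGINED = "HTHHTHTTHT" * 10                # never more than 2 in a row
CLUMPY = "HHTHTTTTTTTHHTHHHHTTHTHHT" * 4    # contains a streak of 7

if __name__ == "__main__":
    for name, seq in (("imagined", IMAGINED), ("clumpy", CLUMPY)):
        run = longest_run(seq)
        p = prob_longest_run_at_most(len(seq), run)
        print(f"{name}: longest run {run}, P(run <= {run}) = {p:.4f}, "
              f"made up: {looks_made_up(seq)}")
```

In 100 fair flips a longest streak of 4 or less happens only a few percent of the time, which is why the streak-free sequence stands out.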