Web encryption vulnerability opens ‘encrypted’ data to hackers