There are attacks on ciphers, and then there are compromises of ciphers. There are many ways of breaking a protocol that have little to do with analysis of the mathematical behavior of its algorithms.

The greatest vulnerabilities of actual encryption systems usually come down to human factors. One colorful term for such human vulnerabilities is "rubber-hose cryptanalysis." That is, people can be tortured, threatened, harassed, or otherwise coerced into revealing keys and secrets. Another colorful term emphasizing a different style of human factor vulnerabilities is "purchase-key attack" -- that is, people can be bribed, cajoled, or tempted to reveal information.

Of course, still other human factor vulnerabilities arise in real-world encryption. You can search people's drawers for passwords on scribbled notes. You can look over someone's shoulder while they read confidential messages or type in secret passwords. You can call people and pretend to be someone who has a legitimate reason to need the secrets (Kevin Mitchnik, the [in]famous hacker, has called this "human engineering"). In many cases it is enough just to ask people what their passwords are!