>> ASIAONE / DIGITAL / NEWS / STORY
Sat, Feb 23, 2008
AFP
Researchers find way to sidestep computer disk encryption

SAN FRANCISCO, US - Researchers said Friday they found a way to sidestep encryption technology commonly used to protect sensitive data in computers.

A "major security flaw" in several types of popular encryption software exposes supposedly safeguarded information, provided a savvy data thief can get hold of the machines, according to the Electronic Frontier Foundation.

"People trust encryption to protect sensitive data when their computer is out of their immediate control," said EFF staff technologist Seth Schoen, a member of the research team.

"Whether your laptop is stolen, or you simply lose track of it for a few minutes at airport security, the information inside can still be read by a clever attacker."

Researchers claim they cracked an array of commonly used encryption programs, including Microsoft's BitLocker, Apple's FileVault, TrueCrypt, and dm-crypt.

In a paper published on the Internet, researchers show that data is vulnerable because encryption keys and passwords linger in the temporary memory of computers after machines lose power.

"We discovered that on most computers, even without power applied for several seconds, data stored in RAM seemed to remain when power was reapplied," said research team member Jacob Appelbaum, an independent security specialist.

"We then wrote programs to collect the contents of memory after the computers were rebooted."

Laptops are especially vulnerable to the attack when the machines are in lock, sleep, or hibernation modes, according to the report.

"We've broken disk encryption products in exactly the case when they seem to be most important these days: laptops that contain sensitive corporate data or personal information about business customers," said Princeton University computer science doctoral student J. Alex Halderman.

"This isn't a minor flaw; it is a fundamental limitation in the way these systems were designed."

Researchers say the attack technique is likely to be effective against many other computer disk encryption systems because of structural similarities.

Turning laptops off completely helps guard against intrusion, but doesn't work in all cases, according to the report.

 

 