I thought there was a widely publicized case a couple of years ago where
someone "broke" a RSA challenge encryption puzzle.  Since this used RSA
with many fewer bits that are used in a typical commercial implementation,
it was viewed as "interesting but of little consequence", since the
difficulty of the problem goes up exponentially (well, more than linearly)
with the number of bits in the key...

BillW