Reply Allpocalypse

Email storm

A reply allpocalypse, also called an email storm, is a sudden spike of “reply all” messages on an email list. When members respond, often pleading for the cessation of messages, a chain reaction is triggered, generating traffic that can render the email servers inoperative.

Some email viruses also have the capacity to create email storms by sending copies of themselves to an infected user’s contacts, including distribution lists, infecting the contacts in turn.

March 1987: Jordan Hubbard, using rwall, intended to message every machine at UC Berkeley, but the message was sent to every machine on the Internet listed in /etc/hosts. This message was not an email.

October 1997: a Microsoft employee noticed that they were on the as-yet unknown email distribution list ‘Bedlam DL3’ and emailed the list asking to be removed. This list contained approximately a quarter of the company’s employees, 13,000 email addresses. Other users replied to the list with similar requests and some with requests to stop replying to the list. A Microsoft employee estimates that 15 million emails were sent, using 195 GB of traffic.

October 2007: an email storm was generated at the U.S. Department of Homeland Security, causing more than 2.2 million messages to be sent and exposing the names of hundreds of security professionals.

January 2009: U.S. State Department employees were warned they could face disciplinary action for taking part in a massive email storm that ‘nearly knocked out one of the State Department’s main electronic communications systems.’

November 2012: New York University experienced a reply-all email storm with 39,979 subscribed addresses affected due to an older listserv-based mailing list.

September 2013: a Cisco employee sent an email to a ‘sep_training1’ mailing list containing 23,570 members requesting that an online training be performed. The resulting storm of ‘unsubscribe,’ ‘me-too’ requests, and sarcastic facepalm images resulted in (by the time the list was closed) over 4 million emails, generated over 375 GB of network traffic, and an estimated $600,000 of lost productivity. The following month, a nearly identical email storm occurred when an employee sent a message to a Cisco group containing 34,562 members. The thread was flooded with ‘remove me from the list,’ ‘me too,’ ‘please don’t reply-all,’ and even a pizza recipe.

March 2014: a Capgemini employee sent an internal mail to an erroneously generated mail group containing 47,212 members in 15 countries. The subsequent wave of over 500 reply-alls requesting removal from the list, asking for people to stop replying, along with the expected jokes and humor (in multiple languages), etc., lasted for approximately 6 hours and generated total traffic estimated at over 1.5 TB spread across over 21 million total emails.

October 2014: an email storm of over 3,000 messages, including both spam and student comments, reached University College London’s 26,000 students. Dubbed ‘Bellogate,’ the email chain was started by a prank email sent from an anonymous user pretending to be the provost.

August 2015: Thomson Reuters, a media and information firm, experienced a ‘reply all’ email storm reaching out to over 33,000 employees. Seven hours later, the original email resulted in nearly 23 million emails. The storm was initiated by an employee located in the Philippines requesting his phone to be re-activated. Employees from all over the globe took to social media trending the hashtag #ReutersReplyAllGate.

October 2015: Atos, a European IT services corporation, experienced a ‘reply all’ email storm. In about one hour, 379 emails were sent to an email distribution list with 91,053 employees, leading to more than 34.5 million emails. The storm was initiated by an employee located in India, requesting a password reset for a machine.

August 2016: The ‘New York Times’ internal email system experienced an email storm; this resulted in an article published in the 2 September edition, titled ‘When I’m Mistakenly Put on an Email Chain, Should I Hit ‘Reply All’ Asking to Be Removed?,’ and where the content was only: ‘No.’

November 2016: the UK National Health Service NHSmail system experienced an email storm when an IT contractor at Croydon NHS sent a ‘test email’ to everyone in the organization—approximately 840,000 people. This resulted in an estimated 500 million email messages sent between 08:29 and 09:45.

December 2018: The Utah state government experienced an email storm originating in a holiday potluck invite that was mistakenly sent to 25,000 state employees, nearly the entire state workforce. Utah Lieutenant Governor Spencer Cox called it ‘an emergency.’

January 2019: GitHub notifications caused a large number of emails at Microsoft. There is a GitHub group called @Microsoft/everyone that the notifications were sent to. To make things worse, replying to the notifications automatically resubscribed the user.

May 2019: an employee at the United States House of Representatives sent out a message to an email group called ‘Work Place Rights 2019.’ The group contained every single House employee’s contact. The email replies lasted over two hours.

August 2019: a State Farm agent team member emailed all team members and agents nationwide. This triggered a massive response resulting in approximately 25,000 emails being sent to all users, and caused delays in sending and receiving emails.

January 2021: a US Army civilian replied to a message that originally contained instructions to activate a Microsoft 365 feature on the DoD system. The mailing list had over 74,000 Army servicemembers and support civilians. Because servicemembers can be disciplined for the content of their messages, they took creative steps to inject humor into seemingly benign replies.

June 2022: a user made a pull request to a GitHub repository belonging to the Epic Games organization, tagging several of the organization’s teams. Notifications were delivered to members of the tagged teams, sending emails to around 400,000 members of the tagged “EpicGames/developers” team in the process. Furthermore, some individuals received an additional 150 notifications as a result of the ensuing comments submitted in response to the request. Epic Games uses GitHub to distribute source code for its Unreal Engine game engine and grants access to the private repositories by adding users to the ‘EpicGames/developers’ team, accounting for its unusually large number of members compared to other GitHub organizations.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.