Email storm explained

An email storm (also called a reply all storm or sometimes reply allpocalypse) is a sudden spike of "reply all" messages on an email distribution list, usually caused by a controversial or misdirected message. Such storms can start when even one member of the distribution list replies to the entire list at the same time in response to an instigating message. When other members respond, pleading for the cessation of messages, asking to be removed from the list, or adding vitriol to the discussion this triggers a chain reaction of email messages. The sheer load of traffic generated by these storms can render the email servers inoperative, similar to a distributed denial-of-service attack.

Some email viruses also have the capacity to create email storms by sending copies of themselves to an infected user's contacts, including distribution lists, infecting the contacts in turn.

Examples

• On 31 March 1987, Jordan Hubbard, using rwall, intended to message every machine at UC Berkeley, but the message was sent to every machine on the Internet listed in /etc/hosts. This message was not an email.^[1]
• On 3 October 2007, an email storm was generated at the U.S. Department of Homeland Security, causing more than 2.2 million messages to be sent and exposing the names of hundreds of security professionals.^[2]
• In early 2009, U.S. State Department employees were warned they could face disciplinary action for taking part in a massive email storm that "nearly knocked out one of the State Department's main electronic communications systems".^[3]
• In November 2012, New York University experienced a reply-all email storm with 39,979 subscribed addresses affected due to an older listserv-based mailing list.^[4]
• On 18 September 2013,^[5] a Cisco employee sent an email to a "sep_training1" mailing list containing 23,570 members requesting that an online training be performed. The resulting storm of more than four million reply emails, many of which were requests to unsubscribe and facepalm images, generated over 375 GB of network traffic and an estimated $600,000 of lost productivity. The following month on 23 October 2013,^[6] a nearly identical email storm occurred when an employee sent a message to a Cisco group containing 34,562 members. The thread was flooded with "remove me from the list", "me too", "please don't reply-all", and even a pizza recipe.
• On 18 March 2014, a Capgemini employee sent an internal mail to an erroneously generated mail group containing 47,212 members in 15 countries. This was followed by a subsequent wave of over 500 reply-alls requesting removal from the list, asking for people to stop replying along with jokes in various languages. It lasted approximately 6 hours, involved more than 21 million emails, and generated an estimated 1.5 TB of traffic.
• On 8 October 2014, an email storm of over 3,000 messages, including both spam and student comments, reached University College London's 26,000 students. Dubbed "Bellogate", the email chain was started by a prank email sent from an anonymous user pretending to be the provost.^[7]
• On 26 August 2015, Thomson Reuters, a media and information firm, experienced a "reply all" email storm reaching out to over 33,000 employees.^[8] Seven hours later, the original email resulted in nearly 23 million emails. The storm was initiated by an employee located in the Philippines requesting his phone to be re-activated. Employees from all over the globe took to social media trending the hashtag #ReutersReplyAllGate.
• On 2 October 2015, Atos, a European IT services corporation, experienced a "reply all" email storm. In about one hour, 379 emails were sent to an email distribution list with 91,053 employees, leading to more than 34.5 million emails. The storm was initiated by an employee located in India, requesting a password reset for a machine.^[9]
• On 14 November 2016, at least 840,000 employees of the United Kingdom's National Health Service (out of a total of 1.2 million employees) were sent a 'test e-mail' by a Croydon-based IT contractor, resulting in an estimated total of 186 million e-mails generated during the reply-all storm.^[10]
• On 7 December 2018, the Utah state government experienced an email storm originating in a holiday potluck invite that was mistakenly sent to 25,000 state employees, nearly the entire state workforce. Utah Lieutenant Governor Spencer Cox called it "an emergency".^[11]
• On 24 January 2019, GitHub notifications caused a large number of emails at Microsoft. There is a GitHub group called @Microsoft/everyone that the notifications were sent to. To make things worse, replying to the notifications automatically resubscribed the user.^[12]
• On 28 May 2019, an employee at the United States House of Representatives sent out a message to an email group called "Work Place Rights 2019". The group contained every single House employee's contact. The email replies lasted over two hours.^[13]
• On 3 June 2022, a user made a pull request to a GitHub repository belonging to the Epic Games organization, tagging several of the organization's teams. Notifications were delivered to members of the tagged teams, sending emails to around 400,000 members of the tagged "EpicGames/developers" team in the process. Furthermore, some individuals received an additional 150 notifications as a result of the ensuing comments submitted in response to the request.^[14] Epic Games uses GitHub to distribute source code for its Unreal Engine game engine and grants access to the private repositories by adding users to the "EpicGames/developers" team, accounting for its unusually large number of members compared to other GitHub organizations.
• On 13 December 2022, a medical student at the Mayo Clinic Alix School of Medicine in Arizona sent an email to several large distribution lists which included employees of Mayo Clinic Arizona for an academic project. Over 3,000 individuals received the email.
• On 8 September 2023, an emergency drill held in the United States Senate led to an email storm when users who were asked to give their location used "reply all" to the entire Senate.^{[15] [16]}

See also

• Etiquette in technology
• Information overload
• Blind carbon copy

Notes and References

1. Jordan K. Hubbard . 11 April 1987 . My Broadcast [The UNIX rwall problem] ]. live . The Risks Digest . 4 . 73 . https://web.archive.org/web/20240229162931/http://catless.ncl.ac.uk/Risks/4.73.html#subj10.1 . 2024-02-29.
2. Web site: Vaas . Lisa . 4 October 2007 . DHS Injects Itself with DDoS . 28 January 2019 . eweek.com.
3. News: Lee . Matthew . 11 January 2009 . Reply-all e-mail storm hits State Department . https://web.archive.org/web/20090201072613/http://www.boston.com/news/nation/washington/articles/2009/01/11/reply_all_e_mail_storm_hits_state_department . 1 February 2009 . 28 January 2019 . The Boston Globe.
4. Web site: Chan . Casey . 27 November 2012 . Here's What Happens When 40,000 NYU College Students Realize They Can E-Mail All 40,000 People at Once . 28 January 2019 . Gizmodo.
5. Web site: Fiveash . Kelly . 19 September 2013 . Cisco email accidentally sent to 1000s of employees causes message list MAYHEM . 28 January 2019 . The Register.
6. Web site: Fiveash . Kelly . 23 October 2013 . Reply-all email lightning storm STRIKES TWICE at Cisco . 28 January 2019 . The Register.
7. News: Wakefield . Lawrence . 9 October 2014 . #Bellogate trends after pranksters target UCL students' email . 16 October 2014 . The Guardian.
8. Web site: Perlberg . Steven . 26 August 2015 . Reuters Employees Bombarded With Reply-All Email Catastrophe . dead . https://web.archive.org/web/20150828022306/https://blogs.wsj.com/cmo/2015/08/26/reuters-employees-bombarded-with-reply-all-email-catastrophe/ . 2015-08-28 . 3 April 2017 . The Wall Street Journal.
9. Web site: 5 October 2015 . [Nouveau record] Une "petite" erreur donne lieu à 38 242 260 mails ]. 3 April 2017.
10. News: Siddique . Haroon . 2016-11-14 . '186m needless emails': NHS-wide test message (and replies) crash system . 2024-02-12 . The Guardian . en-GB . 0261-3077.
11. News: Sweeney . Don . 9 December 2018 . Epic 'reply-all': Potluck invite goes to 25,000 Utah state workers – who keep replying . 10 December 2018 . Idaho Statesman.
12. Web site: Weinberger . Matt . 24 January 2019 . As many as 11,543 Microsoft employees got swept up in a reply-all email apocalypse . live . https://web.archive.org/web/20231129031935/https://www.businessinsider.com/microsoft-employee-github-reply-all-email-storm-2019-1 . 2023-11-29 . 28 January 2019 . Business Insider.
13. News: Peischel . Will . June 3, 2019 . The Reply-All Email Chain That Annoyed 10,000 Congressional Employees . 27 August 2020 . The Washingtonian.
14. Web site: Good Looking by Rohith-sreedharan · Pull Request #24 · EpicGames/Signup . 2022-06-05 . GitHub . en.
15. Web site: McNamara . Sylvie . 8 September 2023 . How Does It Feel to Hit 'Reply All' to the Entire Senate? . 9 September 2023 . Washingtonian . Washingtonian Media Inc..
16. Web site: Tully-McManus . Katherine . 8 September 2023 . The Senate's email system melted down in the face of security test and reply-all chaos. . 11 September 2023 . Politico.