This article possibly contains original research. (August 2016) (Learn how and when to remove this template message)
An email storm (also called a reply allpocalypse) is a sudden spike of "reply all" messages on an email distribution list, usually caused by a controversial or misdirected message. Such storms can start when even one member of the distribution list replies to the entire list at the same time in response to an instigating message. When other members respond, pleading for the cessation of messages, asking to be removed from the list, or adding adding vitriol to the discussion this triggers a chain reaction of email messages. The sheer load of traffic generated by these storms can render the email servers inoperative, similar to a distributed denial-of-service attack.
Some email viruses also have the capacity to create email storms by sending copies of themselves to an infected user's contacts, including distribution lists, infecting the contacts in turn.
- On 14 October 1997, a Microsoft employee noticed that they were on the as-yet unknown email distribution list "Bedlam DL3" and emailed the list asking to be removed. This list contained approximately a quarter of the company's employees, 13,000 email addresses. Other users replied to the list with similar requests and still others responded with pleas to stop replying to the list. A Microsoft employee estimates that 15 million emails were sent, using 195 GB of traffic.
- On 3 October 2007, an email storm was generated at the U.S. Department of Homeland Security, causing more than 2.2 million messages to be sent and exposing the names of hundreds of security professionals.
- In early 2009, U.S. State Department employees were warned they could face disciplinary action for taking part in a massive email storm that "nearly knocked out one of the State Department's main electronic communications systems".
- In November 2012, New York University experienced a reply-all email storm due to an older listserv-based mailing list. There were 39,979 subscribed addresses affected.
- On 18 September 2013, a Cisco employee sent an email to a "sep_training1" mailing list requesting that an online training be performed. The list contained 23,570 members. The resulting storm of "unsubscribe", "me-too" requests, sarcastic facepalm images and recipes for broccoli casserole resulted in (by the time the list was closed) over 4 million emails and generating over 375GB of network traffic. The following month on 23 October 2013, a nearly identical email storm occurred when an employee sent a message to a Cisco group containing 34,562 members. The thread was flooded with "remove me from the list", "me too", "please don't reply-all", and even a pizza recipe.
- On 18 March 2014, a Capgemini employee sent an internal mail to an erroneously generated mail group containing 47,212 members in 15 countries. The subsequent wave of over 500 reply-alls requesting removal from the list, asking for people to stop replying, along with the expected jokes and humour (in multiple languages), etc., lasted for approximately 6 hours and generated total traffic estimated at over 1.5 TB spread across over 21 million total emails.
- On 8 October 2014, an email storm of over 3,000 messages, including both spam and student comments, reached University College London's 26,000 students. Dubbed "Bellogate", the email chain was started by a prank email sent from an anonymous user pretending to be the provost.
- On 26 August 2015, Thomson Reuters, a media and information firm, experienced a "reply all" email storm reaching out to over 33,000 employees. Seven hours later, the original email resulted in nearly 23 million emails. The storm was initiated by an employee located in the Philippines requesting his phone to be re-activated. Employees from all over the globe took to social media trending the hashtag #ReutersReplyAllGate.
- On 2 October 2015, Atos, a European IT services corporation, experienced a "reply all" email storm. In about one hour, 379 emails were sent to an email distribution list with 91,053 employees, leading to more than 34.5 million emails. The storm was initiated by an employee located in India, requesting a password reset for a machine.
- In late August 2016, The New York Times internal email system experienced an email storm; this resulted in an article published in the 2 September edition, titled When I’m Mistakenly Put on an Email Chain, Should I Hit 'Reply All' Asking to Be Removed?, and where the content was only:
- On 14 November 2016, the UK National Health Service NHSmail system experienced an email storm when an IT contractor at Croydon NHS sent a "test email" to everyone in the organisation—approximately 840,000 people. This resulted in an estimated 500 million email messages sent between 08:29 and 09:45 on 14 November 2016.
- On 7 December 2018, the Utah state government experienced an email storm originating in a holiday potluck invite that was mistakenly sent to 25,000 state employees, nearly the entire state workforce. Utah Lt. Gov. Spencer Cox called it "an emergency".
- On 24 January 2019, GitHub notifications caused a large number of emails at Microsoft. There is a GitHub group called @Microsoft/everyone that the notifications were sent to. To make things worse, replying to the notifications automatically resubscribed the user.
- Osterman, Larry (8 April 2004). "Me Too!". You Had Me At EHLO... (The Microsoft Exchange Team Blog). Retrieved 28 January 2019.
- Vaas, Lisa (4 October 2007). "DHS Injects Itself with DDoS". eweek.com. Retrieved 28 January 2019.
- Lee, Matthew (11 January 2009). "Reply-all e-mail storm hits State Department". The Boston Globe. Archived from the original on 1 February 2009. Retrieved 28 January 2019.
- Chan, Casey (27 November 2012). "Here's What Happens When 40,000 NYU College Students Realize They Can E-Mail All 40,000 People at Once". Gizmodo. Retrieved 28 January 2019.
- Fiveash, Kelly (19 September 2013). "Cisco email accidentally sent to 1000s of employees causes message list MAYHEM". The Register. Retrieved 28 January 2019.
- Fiveash, Kelly (23 October 2013). "Reply-all email lightning storm STRIKES TWICE at Cisco". The Register. Retrieved 28 January 2019.
- Wakefield, Lawrence (9 October 2014). "#Bellogate trends after pranksters target UCL students' email". The Guardian. Retrieved 16 October 2014.
- Perlberg, Steven (26 August 2015). "Reuters Employees Bombarded With Reply-All Email Catastrophe". Retrieved 3 April 2017.
- "[Nouveau record] Une "petite" erreur donne lieu à 38 242 260 mails". 5 October 2015. Retrieved 3 April 2017.
- Victor, Daniel (2 September 2016). "When I'm Mistakenly Put on an Email Chain, Should I Hit 'Reply All' Asking to Be Removed?". The New York Times. Retrieved 6 September 2016.
- "NHS Digital Agenda: Part 1 (Public Session )" (PDF). p. 38. Retrieved 21 April 2017.
- Sweeney, Don (9 December 2018). "Epic 'reply-all': Potluck invite goes to 25,000 Utah state workers — who keep replying". Idaho Statesman. Retrieved 10 December 2018.
- Weinberger, Matt (24 January 2019). "As many as 11,543 Microsoft employees got swept up in a reply-all email apocalypse". Business Insider. Retrieved 28 January 2019.