Advertisement

A potluck invitation generated a ‘Reply All-pocalypse’ in Utah

For 12 minutes last Friday morning, more than 22,000 state government employees in Utah found themselves avalanched by urgent emails about what should’ve been a mundane office exercise. It didn’t take long for the chaos to spread. “Please remove me,” one worker wrote at 9:33 a.m. “Please stop responding to this email,” replied another at 9:35. “STOP THE MADNESS!!!!” came in a minute after that. By the time it was over, another 51 messages had been sent to a frazzled public workforce, as the Utah government became the latest large enterprise to suffer a flurry of internal emails sent to every employee because the initial note inadvertently went out to the entire list, rather than its intended — and much smaller — audience. It was all because a member of the state’s Department of Corrections goofed up when inviting coworkers to a holiday party featuring a potluck lunch and a gift […]
Many small 3d email message symbols, isolated

For 12 minutes last Friday morning, more than 22,000 state government employees in Utah found themselves avalanched by urgent emails about what should’ve been a mundane office exercise. It didn’t take long for the chaos to spread.

“Please remove me,” one worker wrote at 9:33 a.m.

“Please stop responding to this email,” replied another at 9:35.

“STOP THE MADNESS!!!!” came in a minute after that.

Advertisement

By the time it was over, another 51 messages had been sent to a frazzled public workforce, as the Utah government became the latest large enterprise to suffer a flurry of internal emails sent to every employee because the initial note inadvertently went out to the entire list, rather than its intended — and much smaller — audience. It was all because a member of the state’s Department of Corrections goofed up when inviting coworkers to a holiday party featuring a potluck lunch and a gift exchange.

Survivors of similar events sometimes refer to it as a “Reply All-pocalpyse.”

“It went to everybody,” Stephanie Weteling, a spokeswoman for the Utah Department of Technology Services, told StateScoop. “I believe it was around 80 [people] they wanted to invite.”

The initial email appears to have come from Maria Peterson, a deputy director in the Corrections Department, who Weteling said only meant to send it out to colleagues in her agency. But a slip-up by an information technology worker led to a contact list that was only supposed to include fewer than 100 people ballooning to 22,000, Weteling continued.

What happened was an IT employee made a mistake and added all state employees to this particular group, which was only supposed to be for a division,” she said.

Advertisement

But it didn’t take long for government workers across Utah to start barraging each other with complaints that they had received the invite in error or joking about the situation.

“<braces self for receiving thousands of emails…” someone in the state Department of Human Services wrote.

“Shucks, we were all planning on coming,” another state worker chimed in.

Once the inadvertent email was spotted, though, DTS employees were able to plug the reply-all spigot, Weteling said. The Utah government uses Google’s G Suite of email, scheduling and file-sharing apps, which allows users to mute bothersome email threads and gives administrators the power to shut down discussions entirely, which DTS did 12 minutes after the potluck invitation went out.

Still, the potluck madness, which topped out at 54 emails, spiraled up to the top levels of Utah’s leadership.

Advertisement

“This is real and it’s an emergency,” Lt. Gov. Spencer Cox wrote on Twitter. “Started out as a potluck and $5 white elephant gift exchange in one department and someone accidentally cc’d every state employee. I fear this will never end.”

The email flood subsided and the Corrections Department’s holiday party is still on. But Utah’s induction into the ranks of large organizations that’ve suffered a Reply All-pocalypse isn’t without its lasting lessons. DTS plans to use the episode for training in the future. Past incidents of entire payrolls being included on email chains have lead to personal information being exposed, such as in 2007, when a department-wide list at the U.S. Department of Homeland Security was misconfigured, leading to messages containing contact information for employees — including those working in counterterrorism — going out to the entire group.

This could’ve been much more serious,” Weteling said. “Luckily this was just a pot luck.”

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed is the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He has written extensively about ransomware, election security, and the federal government's role in assisting states, localities and higher education institutions with information security.

Latest Podcasts