UPDATE 28.10.2023: This issue has now been partially resolved after being prioritised by Microsoft engineers. It is still unclear whether emails that have been lost throughout the climate community in the past weeks can be fully recovered.
Between 17th and 28th October, to our knowledge any email with the NewClimate URL (newclimate dot org) in the email body, link, signature, reply header or contained anywhere in an attachment was unjustifiably quarantined by Microsoft email servers without any notice, regardless of who sent or received the email. Since 28 October this issue appears to be mostly resolved, but it is still unclear whether emails that have been lost throughout the climate community in the past weeks can be fully recovered.
That our own email flow has been disrupted is not our primary concern: all Microsoft tenants have been afflicted by the same issue when this URL appeared in their emails, or any attachments they share, even when we are not a party to the communications.
Hundreds of governmental and non-governmental organisations working on climate change appear to have been experiencing disruption to email communication when their communications contain any reference to the NewClimate URL.
For example, as per our understanding:
- No organisation using Microsoft email services was able to send the IPCC Sixth Assessment Report of Working Group 3 as an attachment to anyone else (newclimate dot org URL appears 11 times in the report). The same applies to hundreds of other relevant scientific papers and reports from any organisations, where NewClimate URLs appear on the reference lists.
- Any multi-organisation email chain where any of the participants uses Microsoft email services have been breaking down in the case that NewClimate URLs are included. This could arise either because a NewClimate colleague is on the mailing list in the chat history, or if a NewClimate publication is linked to, in the email or the chat history.
We understand that the majority of our partner organisations within the climate community use Microsoft email services, including the United Nations Framework Convention for Climate Change (UNFCCC) and the Intergovernmental Panel on Climate Change (IPCC). Beyond being an existential threat to our own organisation, we have been concerned that this issue could significantly disrupt communication within the climate community, at a time when it is most critical in the run up to COP28 in at the end of 2023 in Dubai.
It came as a surprise to us that this is even possible. It remains unclear whether this is the result of a targeted attack on Microsoft’s infrastructure against NewClimate, or simply a highly unfortunate error on the part of Microsoft. In our consultations with Microsoft and a number of independent IT experts, we have confirmed that we are not on any blacklist and our website is also free of malware.
We are fully dependent on Microsoft to prioritise and solve the issue. Since the first publication of this statement, we understand that Microsoft engineers have now prioritised the issue, and we are relieved that the issue appears to be partially resolved. Emails containing the NewClimate URL no longer appear to be blocked. We continue to inquire with our contacts at Microsoft whether the many lost emails from across the climate community will be recoverable. The situation is extremely unfortunate and we apologise for any inconvenience that this may have caused.