Back to Victim Disclosures

orion4value.com

settraransomware grouporion4value.com
Published
3d ago

Added Jun 30, 2026

Revenue: 6,200,000 Size: 50GB | THE CERTIFICATE AS A VULNERABILITY: Documents of Orion Registrar Inc. PROLOGUE Financial reports and weekly cash flow statements. Company bank account details at First Citizens Bank. Payroll records and employee timesheets with names and hours worked. Audit reports with detailed vulnerability data from hundreds of clients. The complete contract with General Dynamics Mission Systems — one of the largest contractors of the U.S. Department of Defense — describing all 24 facilities and their headcounts. ISO certification requests from U.S. Army facilities. Internal correspondence with names, phone numbers, and corporate emails of all employees. Complaints about clients caught in fraud schemes who continued to carry the Orion stamp. All of this comprises the documents of Orion Registrar Inc. , a U.S.-based ISO accreditation body headquartered in Arvada, Colorado. The company is accredited by ANAB (American National Accreditation Board) and issues certificates of conformity to ISO 9001, AS9100, ISO 14001, ISO 45001, ISO 13485, and other standards — to enterprises throughout the United States and abroad. The nature of Orion's business makes this leak particularly dangerous: an auditor by definition gains access to the internal processes, vulnerabilities, and organizational structure of each client. Data from manufacturing companies, defense sector suppliers, Army facilities, and critical infrastructure sites. In this article, you will be able to review only a portion of the data we have decided to disclose. Everything else will be available for download and independent review following the publication of the full archive. --- Part I. Who Is Orion Registrar Inc. Orion Registrar, Inc. — a certification body (Registrar / Certification Body) accredited by ANAB. Physical office address: 7502 W. 80th Ave., Ste. 225, Arvada, CO 80003 . Mailing address: PO Box 745070, Arvada, Colorado 80006-5070 . Website: www.orion4value.com . Corporate email domain: @orion4value.com . Main telephone: 303-645-4006 . Business model: Orion conducts audits of enterprises for compliance with international quality standards and issues certificates. For each audit, the company gains full access to the client's internal processes — documentation, production procedures, personnel data, nonconformities (NCRs). This is an aggregated snapshot of vulnerabilities from hundreds of companies that placed their trust in them. --- Part II. Money: Cash Flow Bank: First Citizens Bank, Account x9177 Some of Orion's operating cash flows pass through a First Citizens Bank Checking Account: x9177 (designated "Orion" in the QB system). Weekly Cash Flow Statements November | Sales Receipts | Employee Payroll | Auditor Payroll | Supplier Payments | Closing Balance | |----------------|------------------|-----------------|-------------------|-----------------| | $310,965.80 | $46,786.27 | $102,513.98 | — | $468,321.80 | | $149,081.34 | $0 | $93,370.61 | $49,841.61 | $760,660.36 | | $109,460.92 | $0 | — | $12,508.50 | $882,629.78 | January | Sales Receipts | Employee Payroll | Auditor Payroll | Supplier Payments | |----------------|------------------|-----------------|-------------------| | $276,638.03 | $1,540.01 | $39,174.59 | $28,927.46 | | $175,470.82 | $62,095.73 | $45,214.75 | $12,287.84 | | $168,678.51 | — | $47,326.69 | $37,156.60 | Opening balance as of January 1: $1,101,106.58 . Closing balance as of January 16: $1,246,369.10 . Regular Supplier Payments | Supplier | Type | Amount | |----------|------|--------| | Global Wind Organisation | Membership Fee | $36,319.59 (ACH) | | IAAR | Payment | $4,750.00 | | Wright Point | Payment | $2,295.00 | | United Health Care | Insurance | $8,395.91 | | Delta Dental Insurance | Insurance | $684.33 | | Liberty Mutual | Insurance | $489.51 | | Canvas Credit Union / Rent | Rent | $7,902.75 | | Mutual of Omaha | Insurance | $240.19 | | First Citizens Credit Card | Credit Card | $4,232.86 | The line item "Out-Interest": $194,040.00. This is not a table error — it is an actual interest payment that is four times the weekly auditor compensation pool. The nature of this debt is not disclosed in the available documents. --- Part III. Military and Defense Clients General Dynamics Mission Systems (GDMS) A complete Statement of Work (SOW) for a three-year contract with General Dynamics Mission Systems, Inc. for certification and surveillance audit services. GDMS is an operating unit of General Dynamics Corporation , one of the largest contractors of the U.S. Department of Defense. Headquarters — Fairfax, VA. Orion serves as the Registrar (Seller) to maintain the following GDMS certifications: | Standard | Scope | |----------|-------| | ISO 9001 | All facilities | | AS9100 | Aviation, space, and defense | | ISO 14001 | Environmental management | | ISO 45001 | Occupational health and safety | Complete list of certified GDMS facilities — 24 sites in the United States and Canada with headcount and scope of activities: | Facility | State/Province | Headcount | Activity | |----------|----------------|-----------|----------| | Scottsdale (HQ) | AZ | 2,532 | Command and telecom systems, air defense, information networks | | Pittsfield | MA | 1,341 | Systems engineering, integration and testing of hardware and software | | Bloomington | MN | 788 | Development, integration, testing, supplier quality management | | Taunton | MA | 714 | Command systems, information networks, receiving warehouse | | Marion | VA | 501 | Composites, engineered materials, radomes, aerospace and military products | | Fairfax | VA | 495 | Program management, development, integration and testing | | Ottawa, Ontario | Canada | 900 | Development, production and management of subsystems for global defense programs | | Calgary, Alberta | Canada | 350 | Development, production, maintenance for governments and defense contractors | | Dedham | MA | 322 | Information security, information networks for defense and government customers | | McLeansville | NC | 373 | Program management, development, testing | | Quincy | MA | 99 | Autonomous underwater vehicles (AUV) for defense and science | | GPS Source, Colorado Springs | CO | 73 | GNSS systems manufacturing for military, aerospace, and commercial applications | | Cullman | AL | 194 | Ultra-precision machining of beryllium and exotic materials, optical components | The document includes a requirement: all auditors must be citizens of the country where the facility is located. Auditors must have access to unclassified products, QA documents, and GDMS corporate records. The mere fact that this SOW — with a list of all facilities, headcounts, and scopes of activity — is stored in an unprotected corporate archive raises questions about due diligence on the part of GDMS in selecting the registrar. Red River Army Depot (RRAD), USA Performance Work Statement for ISO 14001:2015 certification services for Red River Army Depot , located near Texarkana, TX. | Parameter | Data | |-----------|------| | Facility | Red River Army Depot | | Address | 100 James Carlow Drive, Texarkana, TX 75507 | | Area | 18,316 acres, 35 production buildings | | Headcount (within EMS) | 3,451–4,350 employees | | SIC Code | 9711 (National Security) | | CB Accreditation at time of contract | IAS (International Accreditation Service) | RRAD is a U.S. Army industrial complex engaged in the reset, repair, and certification of military combat and tactical vehicles. DEVCOM Chemical Biological Center — Rock Island (CBC RI) Performance Work Statement for ISO 9001:2015 certification audit for the Combat Capabilities Development Command (DEVCOM) Chemical Biological Center-Rock Island — a U.S. Army unit responsible for developing chemical and biological defense capabilities. | Parameter | Data | |-----------|------| | Facility | DEVCOM CBC Rock Island | | Headcount | ~120 employees | | Standard | ISO 9001:2015 (recertification) | | Operating Hours | 0600–1700, Mon–Fri, at Rock Island Arsenal | | Remote Audit | Only during pandemic or force majeure | Requirement: auditors must be accredited by ANAB or an equivalent body; each auditor must be certified by Exemplar Global, IRCA, or BEAC for ISO 9001:2015. Both documents with detailed access requirements for a military facility are in our archive. DEVCOM Aviation and Missile Center (AvMC) Documents contain correspondence related to DEVCOM Aviation and Missile Center (AvMC) — the Army's aviation and missile systems center. | Parameter | Data | |-----------|------| | Facility | DEVCOM Aviation and Missile Center | | Contact Person | LaQuinta Andrews, CIV USARMY | | Title | Mission Assurance Manager | | Email | laquinta.n.andrews.civ@army.mil | | Telephone | (256) 975-6396 | | Headcount (EMS scope) | 126–175 employees | | Standard | AS9100 (aerospace and defense) | | Status | Recertification | DEVCOM AvMC is a U.S. Army unit responsible for aviation and missile technology development. Correspondence with Army civilian personnel — including Mission Assurance functions and facility headcount data. --- Part IV. Commercial Clients: What Leaked Alongside Them Cesar-Scott, Inc. (El Paso, Texas) Manufacturer of wire harnesses, cable assemblies, and electromechanical assemblies for the automotive and electronics industries. Certified to ISO 9001 and ISO 14001 through Orion (NSF-ISR). | Parameter | Data | |-----------|------| | Legal Name | Cesar-Scott, Inc. | | Address (US) | 1731 Myrtle Avenue / 4731 Ripley Drive Suite B, El Paso, TX 79901/79922 | | Address (MX) | Av. Parque Industrial Juárez 3827, Ciudad Juárez, Chih, México | | Telephone | 915-543-3212 | | Email | gaudencio.martinez@cesar-scott.com | | Management Representative | Gaudencio Martinez | | Year Founded | 1988 | | Headcount (US) | 12 / (MX) 60 | Company profile with complete production process information. NewAge Manufacturing, Inc. | Parameter | Data | |-----------|------| | Address | 2317 Warren Drive, Plattsmouth, Nebraska 68048 | | Contact | Bob Wood , bob.w@newagemfg-inc.com | | Telephone | (402) 296-6133 | | Standard | ISO 9001:2015 | | Audit ID | 22714 | Scope: plastics manufacturing (PCTFE, PTFE, PFA, PVDF), aluminum, steel; CNC machining, anodizing, powder coating. Monmouth Wire & Computer Recycling, Inc. | Parameter | Data | |-----------|------| | Address | 3250 Shafto Rd., Tinton Falls, NJ 07753 | | Audit ID | 26134 | | Technical Reviewer | Elsa Zarate | | Review Date | November 18, 2022 | Airstreams Renewables, Inc. | Parameter | Data | |-----------|------| | Address | 13681 Chantico Rd., Tehachapi, CA 93561 | | Standard | GWO (Global Wind Organisation) | | Audit ID | 25876 | | Auditor | Cao Hua (Orion) | | Contact | Robert Franklin Pine (Management Reviewer) | Complete NCR report with two Major nonconformities: absence of Management Review and Internal Audit. Internal acknowledgments of losing a key GWO instructor. NxEdge, Inc. (Boise, Idaho) | Parameter | Data | |-----------|------| | Address | 7500 West Mossy Cup, Boise, ID 83709 | | Contact | Dustin Erickson (Management Rep), derickson@nxedgeinc.com | | Standard | ISO 9001:2015 | | Audit ID | 23549 | | Auditor | Henry Towers (Orion) | | Total NCRs | 9 nonconformities , including 2 Majors | Manufacturer of high-tech coatings (plasma spraying of ceramics and metals, anodizing, fluoropolymers) and precision machining. Detailed breakdown — in Part VII. New College Institute (Martinsville, Virginia) | Parameter | Data | |-----------|------| | Address | Martinsville, VA | | Standard | GWO (Global Wind Organisation) | | Audit Type | Certification | An educational institution obtaining GWO certification — audit data, including nonconformities, recorded in the Orion system. --- Part V. Company Management and Personnel Documents reveal the complete contact structure of the company — names, direct phone numbers, and corporate emails of key Orion employees. | Title | Name | Email | |-------|------|-------| | President | Paul Burck | president@orion4value.com | | Government Contracts / Client Management | Annette Olivas | aolivas@orion4value.com | | Aerospace Specialist | Patricia Walter | pwalter@orion4value.com | | IT Administrator | Cao Hua | chua@orion4value.com | | Staff | Gloria Moore | gmoore@orion4value.com | | Staff | Teri Coleman | tcoleman@orion4value.com | | Auditor (GWO) | Penny | penny@orion4value.com | Company President Paul Burck personally participated in correspondence with clients and in complaint reviews — his personal corporate email president@orion4value.com appears in documents as an escalation address. Government Contracts Specialist Annette Olivas handles correspondence with U.S. Army civilian personnel (DEVCOM AvMC) regarding AS9100 recertification, including Mission Assurance Manager LaQuinta Andrews (laquinta.n.andrews.civ@army.mil). --- Part VI. Legal Risks: Fraudulent Clients Under Orion's Certificate Intercon Solutions, Inc. — A Certified Recycling Scheme Documents contain a formal complaint filed on behalf of TK6 Inc. (representative — attorney Tom Dakich) regarding Intercon Solutions, Inc. — a company certified by Orion. The essence of the complaint: Intercon positioned itself as a responsible electronics recycler, citing Orion's certificate. In reality, the company was selling electronics to downstream vendors instead of recycling — including materials containing hazardous substances, routed to foreign markets (Philippines). Supporting documents attached to the complaint include: - downstream vendor tables with recycling routes by country; - bills of sale for PCBs and batteries; - correspondence with Local Authorities (Subic Bay Metro Authority, Philippines) as the "final recipient." The complaint is addressed directly to Paul Burck (President, president@orion4value.com) with a demand to conduct an unscheduled audit and revoke the certificate. This is direct evidence that Orion's certification stamp was used to legitimize a potentially illegal hazardous waste scheme — and that the company president personally received notice. Next Step Electronics, LLC (Houston, Texas) Our archive contains a similar complaint from CHB Global Ltd. (United Kingdom) regarding Next Step Electronics, LLC (Houston, TX) — another Orion-certified client, allegedly violating electronic waste handling terms. --- Part VII. Audit Reports as Competitive Weapons: The NxEdge Case Each audit report in the Orion system is a documented snapshot of a specific enterprise's vulnerabilities: where controls fail, which processes are broken, which equipment is uncalibrated. This information is by definition confidential. Our archive contains complete NCR reports for hundreds of clients. As an example — NxEdge Inc. (Boise, ID). NxEdge manufactures engineered coatings (plasma spraying, anodizing, fluoropolymers) and performs precision machining. Orion auditor Henry Towers recorded 9 nonconformities to ISO 9001:2015, including 2 Majors — the highest criticality level, directly threatening certificate retention. Major Nonconformity №1: Suppliers Without Control Since 2018 The organization does not apply its own established criteria for evaluating external suppliers and does not monitor their performance (violation of ISO 9001:2015, clause 8.4.1). Specific facts from the report: - For three suppliers — Watlow Industries, West Coast Quartz Corporation, Sunbelt Industries — no documentary evidence of approval under the established procedure (form MS 0107 Vendor Evaluation) was found. - Monitoring of external supplier performance has not been conducted since 2018 — despite the existence of 18 folders with data from that period. Translating from standards language: the company purchases materials from suppliers whose quality no one checks or monitors. Major Nonconformity №2: Production Instruments Without Calibration The organization does not ensure traceability of measurement results critical to product conformity verification (violation of ISO 9001:2015, clause 7.1.5.2.a). Specific facts — a list of instruments being operated without current calibration: | Instrument | Serial / Asset Number | Overdue | |------------|-----------------------|---------| | Fluoropolymer coating curing oven | s/n 085320212 | No calibration records | | South anodizing tank | asset 197171 | Calibration expired 12/2018 | | North anodizing tank | asset 4353-001 | Calibration expired 12/2018 | | Mettler Toledo scale (P1 booth) | No asset number | Calibration expired 12/2021 | | Profilometer | asset 213131308 | No calibration records at all | | Depth gauge | asset NX-DMB-1 | Calibration expired 03/2021 | Six units of measurement equipment in the production process — without current calibration. Additional Minor Nonconformities - NCR №9 : In the plasma spray area, process control programs TEL DSI and TEL DSO were being used, while the work instruction prescribed SDOXW 1 and SDOXW 2 . The operator reported: they had been working this way for "about three years." No authorized changes to the documentation exist. - NCR №6 : Second-shift production workers are unaware of the company's quality policy — including the plasma spray operator and the fluoropolymer coating operator. Why This Is Critical These NCR reports are not public documents. They are generated as part of a confidential audit engagement and are intended exclusively for the client and their registrar. Competitors, asset buyers, and counterparties of NxEdge should never have seen that production instruments are uncalibrated and that process control software has diverged from documentation. NxEdge is just one of hundreds of Orion clients, for each of whom similar detailed documents exist. --- Part VIII. BMS Database: Complete Business System Blueprint 60 Grant Script BMSAdmins.sql — a complete permission grant script for the BMS (Business Management System) database, used by Orion to manage all audit and certification processes. The script contains a complete list of the system's stored procedures — over 100 objects describing the platform's internal business logic: | Category | Example Stored Procedures | |-----------|---------------------------| | Certificates | spCertificates GetAll , spCertificates GetByCertID , spCerts UpdateStatus | | Audits | spAudits GetAll , spAudits GetByAuditID , spAuditReport Get | | Companies / Clients | spCompanies GetAll , spContacts GetByCompanyID , spSites GetAll | | Nonconformities (NCR) | spNCRs GetAll , spNCRs GetByAuditID , spNCR Close | | Auditors | spAuditors GetAll , spAuditorQual Get , spAuditorAssign | | Users / Access | spUsers GetAll , spLogin Validate , spRoles GetByUserID | | Finance | spInvoices GetAll , spPayments GetByClientID , spAR Summary | This is not just a schema leak — it is a complete blueprint of the company's internal business logic. Anyone who gains access to the ORIDemo database (SQL Server) can view, modify, or delete: - all client certificate data; - audit results and NCR reports; - financial records and invoices; - user accounts and access roles. Database name from documents: ORIDemo (server: orion SQL Server). The BMSAdmins group privileges provide full EXECUTE on all listed procedures. --- Who This Is Addressed To ANAB (American National Accreditation Board) — Orion Registrar's accrediting body: a company under your accreditation stored confidential data from military clients, government contracts, and audit results in an unprotected archive. At least two certified clients were caught in electronic waste fraud schemes — and the company president was notified of this in writing. Your accreditation is worth exactly as much as the reliability of those to whom you issue it. The U.S. Department of Defense and Army facilities (GDMS, RRAD, DEVCOM CBC RI, DEVCOM AvMC): your facility lists, headcounts, auditor access requirements, and Mission Assurance officer contacts were stored in a third party's corporate archive without any protection. You bear responsibility for due diligence in selecting registrars who have access to your facilities. Orion's clients — manufacturing and aerospace companies that submitted their NCR reports, process profiles, and organizational data: you entrusted confidential information about your vulnerabilities to a company that failed to secure it. Your data resides in the same archive as your competitors' data. Regulators (EPA, FTC, state AGs): the Orion archive contains documented evidence that the company received complaints about clients using their certificate to legitimize illegal hazardous electronic waste handling. What happened to these complaints afterward — is unknown from the documents. Orion Registrar employees : your names, direct phone numbers, corporate email addresses, and audit data are also in this archive.

Organization Details

Organization

orion4value.com

Domain

orion4value.com

orion4value.com

Leak Data

Published

Jun 30, 2026

Publication Status

Published

Discovered

Jun 30, 2026