What do you have running as your homepage microflow? Also check the permissions of your users that are logging in. The login widget will never delete the users, so it must be something to do with your entity security permissions, a microflow that is running as a homepage microflow, or some form which is running an action to delete the accounts. Try right clicking on your user entity in the domain model and click find microflow actions. Then select delete and you can see where any deletes occur.
We have consulted with mendix and they say that there are two ways in which this issue will be fixed.
The first methode is to edit the login widget to avoid people from pressing the button twice. In our login widget java script we check if the button is pressed again with the same username and password as the previouse time and if this is the case we disable the button this.submitButton.setAttribute("disabled","true"); Since we implemented this we did not have any problems anymore.
The second methode is to step over to version 5.10 in which mendix has implemented a platform fix for the bug. I have not tested this yet, since this release is not out at this current moment
And also check your delete behaviour. It could be that when deleting one entity due to the delete behaviour anouther entity is also deleted.
Ronald