that wouldn't happen on the normal app- there's no cron job to do such a thing. Potentially you're seeing some incompatibilities due to a wrong version of PHP or MySQL? Can you check the backend joborder database and see if they're actually deleted out the table?
Otherwise - potentially malicious behaviour? You should see a log in the apache access log showing if someone's actually deleted them