During AD synchronization (via ConnID AD - JNDI - connector bundle) returned connector objects about deleted objects don't have any profile attribute specified (see https://connid.atlassian.net/browse/AD-36).
If a sync posicy is specified to perform a correlation among one or more internal profile attributes, the first user with no values about that attribute will match this correlation rule and maybe removed.
The query has to be changed in order to avoid this behavior (for delteted object and creted-updated):
1. if one or more connector object attributes related to the correlation rule don't exist avoid the query execution ... no match
2. if all the connector object attributes related to the correlation rule exist then perform the query as is