This user exists in Gitlab, all deleted accounts, any issues, etc from deleted accounts will be attributed to the ghost user. A ghost user on my server exists since Dec 2017 probably appeared from what I remember after a Gitlab upgrade. Our server has been running since beginning of 2017, with good security practices by restricting SSH access, regularly doing upgrades, and hasn’t been compromised.