We have a PHP development and our logs tell us that someone is getting in using cookies and deleting files .They seem to be logging in from multiple IP addresses (different one each time) .Is it likely to be one person or something else ?