My MEW got hacked and my tokens were stolen. I am very careful when putting my address on each bounty campaign and never sign up online which require any private key. I don't really know how I get phish or how hacker accessed my MEW. I learned my lesson and will never use private key again. Do you have any idea how I get phish? I got one in mind that a fake mew site does exist?
Can you provide us the screenshot of the MEW website you logged in? like what BigBoy89 said there are many MEW phishing sites. If the URL is the same with MEW's address then there's something wrong
https://www.myetherwallet.com/Bookmarking the MEW website and using metamask adds security you better use that and stops typing the site manually.