As I understand it, it's typically done with browser "cookies", small files download to your browser. AW accounts get linked if you log on to a different AW account using a browser that already has a stored cookie from a different AW user, typically because you have borrowed a WG's device, or she has borrowed yours. It can be avoided by not doing that, or by clearing browsing history and cookies between uses, or by using different browsers on the same device (as each browser has its own cookie store).
Hard to see how this could have happened here, unless AW are also monitoring multiple logins from the same IP address (but it would have to be an unsecured open WiFi, and both would have to log in to AW on it).
The most likely scenario is that somebody else has used your phone to create and log into a separate AW account.
If you are married, be afraid!