RIVERVIEW, Fla. - The frown on her face told neighbors what they needed to know.
"Some people just make bad choices," said neighbor Danielle Snipe.
Carlista Hawls made 225 of them according to IRS investigators. They say those bad choices made her a whole heap of money -- more than most of us earn in a lifetime.
"It was alleged that she and her co-conspirators filed refunds in excess of $1.5-million of which she and her co-conspirators received an excess of a half-million dollars," said IRS Special Agent Casimir Tyska.
IRS Special Agents say Hawls and another women named Tanya Cullens were raking in the cash in mailboxes from Florida, to North Carolina, all the way to California. They say the money was stolen from taxpayers who never knew their personal information had been stolen that the women had fraudulently e-filed their tax returns.
"These days are coming now where we're making contact with these people and putting them in jail and they are shocked when we knock on their door," said Hillsborough County Sheriff's Corporal Bruce Crumpler.
The IRS says Cullens worked as a contracted housekeeper inside University Community Hospital which is now called Florida Hospital. Documents show she gained access to the names and social security numbers of Emergency Room patients.
"Some of the information that she used to file the fraudulent tax returns were from that list that was obtained from there," said IRS Special Agent Tyska.
The stolen list was dated January 17, 2012 and had self-pay patient names on it who were filing for Medicaid.
224 people who became part of Hawls' and Cullens' payday.
"A lot of people are going to get their taxes back slow this year just because of things that they're doing and it's not right for us," said her neighbor.
Documents show a third tax fraud suspect named Kenyon Williams was arrested in California.
Florida Hospital put out a statement that reads:
"At Florida Hospital Tampa, our first priority is taking care of our patients and ensuring their safety, security and privacy at all times. We take any breach of personal healthcare information very seriously. Unfortunately, we recently learned that personal information relating to 45 of our patients had been compromised in January 2012. These patients have been notified and we are fully cooperating with investigating agencies. We deeply regret that this incident occurred. We remain committed to the protection of our patients personal information. In April 2012, the hospital implemented electronic health records to further enhance the privacy and security of the information we are entrusted with."