diff --git a/helios/security.py b/helios/security.py
index 05e99b4e24c87d93cb3bdff211aa180cc3ae8549..0eb218cb7600db6b1f7f51aa12ffd8c9c23132ba 100644
--- a/helios/security.py
+++ b/helios/security.py
@@ -9,6 +9,7 @@ from functools import update_wrapper
 
 from django.core.urlresolvers import reverse
 from django.core.exceptions import *
+from django.http import *
 from django.conf import settings
 
 from models import *
@@ -92,6 +93,9 @@ def election_view(**checks):
     def election_view_wrapper(request, election_uuid=None, *args, **kw):
       election = get_election_by_uuid(election_uuid)
 
+      if not election:
+        raise Http404
+
       # do checks
       do_election_checks(election, checks)
 
diff --git a/helios/tests.py b/helios/tests.py
index 46f7ffc6cd4704f98b266c501f6d5cfcd31ac98b..7dcfe56ff5d394646654e63a3d0da5e92138ac36 100644
--- a/helios/tests.py
+++ b/helios/tests.py
@@ -390,6 +390,10 @@ class ElectionBlackboxTests(WebTest):
         response = self.client.get("/helios/elections/params")
         self.assertEquals(response.content, views.ELGAMAL_PARAMS_LD_OBJECT.serialize())
 
+    def test_election_404(self):
+        response = self.client.get("/helios/elections/foobar")
+        self.assertEquals(response.status_code, 404)
+
     def test_election_bad_trustee(self):
         response = self.client.get("/helios/t/%s/foobar@bar.com/badsecret" % self.election.short_name)
         self.assertEquals(response.status_code, 404)