diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index d783ef843..6a76cb047 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -207,6 +207,7 @@ private
     if action_name == "create"
       head :unauthorized and return unless current_user.data_coordinator? || current_user.support?
     else
+      render_not_found and return if @user.status == :deleted
       render_not_found and return unless (current_user.organisation == @user.organisation) || current_user.support?
       render_not_found and return if action_name == "edit_password" && current_user != @user
       render_not_found and return unless action_name == "show" ||