diff --git a/atst/domain/invitations.py b/atst/domain/invitations.py
index a3946399..00797ddd 100644
--- a/atst/domain/invitations.py
+++ b/atst/domain/invitations.py
@@ -70,6 +70,8 @@ class Invitations(object):
         invite = Invitations._get(token)
 
         if invite.user.dod_id != user.dod_id:
+            if invite.is_pending:
+                Invitations._update_status(invite, InvitationStatus.REJECTED)
             raise WrongUserError(user, invite)
 
         elif invite.is_expired:
diff --git a/tests/domain/test_invitations.py b/tests/domain/test_invitations.py
index 5a2198d9..059a8927 100644
--- a/tests/domain/test_invitations.py
+++ b/tests/domain/test_invitations.py
@@ -75,6 +75,16 @@ def test_wrong_user_accepts_invitation():
         Invitations.accept(wrong_user, invite.token)
 
 
+def test_user_cannot_accept_invitation_accepted_by_wrong_user():
+    user = UserFactory.create()
+    wrong_user = UserFactory.create()
+    invite = InvitationFactory.create(user_id=user.id)
+    with pytest.raises(WrongUserError):
+        Invitations.accept(wrong_user, invite.token)
+    with pytest.raises(InvitationError):
+        Invitations.accept(user, invite.token)
+
+
 def test_accept_invitation_twice():
     workspace = WorkspaceFactory.create()
     user = UserFactory.create()