diff --git a/kfet/tests/test_views.py b/kfet/tests/test_views.py
index e69c81d9..3baed2c3 100644
--- a/kfet/tests/test_views.py
+++ b/kfet/tests/test_views.py
@@ -3,7 +3,7 @@ from datetime import datetime, timedelta
 from decimal import Decimal
 from unittest import mock
 
-from django.contrib.auth.models import Group
+from django.contrib.auth.models import Group, User
 from django.test import Client, TestCase
 from django.urls import reverse
 from django.utils import timezone
@@ -4151,12 +4151,18 @@ class HistoryJSONViewTests(ViewTestCaseMixin, TestCase):
     url_expected = "/k-fet/history.json"
 
     auth_user = "user"
-    auth_forbidden = [None]
+    auth_forbidden = [None, "noaccount"]
 
     def test_ok(self):
         r = self.client.post(self.url)
         self.assertEqual(r.status_code, 200)
 
+    def get_users_extra(self):
+        noaccount = User.objects.create(username="noaccount")
+        noaccount.set_password("noaccount")
+        noaccount.save()
+        return {"noaccount": noaccount}
+
 
 class AccountReadJSONViewTests(ViewTestCaseMixin, TestCase):
     url_name = "kfet.account.read.json"
diff --git a/kfet/views.py b/kfet/views.py
index 3122636b..9d2d2c09 100644
--- a/kfet/views.py
+++ b/kfet/views.py
@@ -1423,10 +1423,13 @@ def history_json(request):
         )
 
     if not request.user.has_perm("kfet.is_team"):
-        acc = request.user.profile.account_kfet
-        transfer_queryset_prefetch = transfer_queryset_prefetch.filter(
-            Q(from_acc=acc) | Q(to_acc=acc)
-        )
+        try:
+            acc = request.user.profile.account_kfet
+            transfer_queryset_prefetch = transfer_queryset_prefetch.filter(
+                Q(from_acc=acc) | Q(to_acc=acc)
+            )
+        except Account.DoesNotExist:
+            return JsonResponse({}, status=403)
 
     transfer_prefetch = Prefetch(
         "transfers", queryset=transfer_queryset_prefetch, to_attr="filtered_transfers"