diff --git a/CTFd/utils/scores/__init__.py b/CTFd/utils/scores/__init__.py
index c0eee53..be3823a 100644
--- a/CTFd/utils/scores/__init__.py
+++ b/CTFd/utils/scores/__init__.py
@@ -168,6 +168,7 @@ def get_team_standings(count=None, admin=False):
             db.session.query(Teams.id.label("team_id"))
             .join(sumscores, Teams.id == sumscores.columns.team_id)
             .filter(Teams.banned == False)
+            .filter(Teams.hidden == False)
             .order_by(sumscores.columns.score.desc(), sumscores.columns.id)
         )
 
diff --git a/requirements.txt b/requirements.txt
index 373961f..866477b 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -24,6 +24,7 @@ gevent==1.4.0
 python-dotenv==0.9.1
 flask-restplus==0.12.1
 pathlib2==2.3.2
-flask-marshmallow==0.9.0
-marshmallow-sqlalchemy==0.15.0
+flask-marshmallow==0.10.1
+marshmallow-sqlalchemy==0.17.0
 boto3==1.9.39
+marshmallow==2.20.2
diff --git a/tests/teams/test_hidden_team_scores.py b/tests/teams/test_hidden_team_scores.py
new file mode 100644
index 0000000..4f580c2
--- /dev/null
+++ b/tests/teams/test_hidden_team_scores.py
@@ -0,0 +1,92 @@
+from tests.helpers import (
+    create_ctfd,
+    destroy_ctfd,
+    login_as_user,
+    gen_challenge,
+    gen_flag,
+    gen_user,
+    gen_team,
+)
+from CTFd.models import Teams
+
+from CTFd.utils.scores import get_standings, get_team_standings
+
+
+def setup_app(app):
+    user1 = gen_user(app.db, name="user1", email="user1@ctfd.io")
+    team1 = gen_team(app.db, name="team1", email="team1@ctfd.io")
+    user1.team_id = team1.id
+    team1.members.append(user1)
+    team1.hidden = True
+
+    user2 = gen_user(app.db, name="user2", email="user2@ctfd.io")
+    team2 = gen_team(app.db, name="team2", email="team2@ctfd.io")
+    user2.team_id = team2.id
+    team2.members.append(user2)
+
+    gen_challenge(app.db)
+    gen_flag(app.db, 1)
+
+    app.db.session.commit()
+
+    with login_as_user(app, name="user1") as client:
+        flag = {"challenge_id": 1, "submission": "flag"}
+        client.post("/api/v1/challenges/attempt", json=flag)
+
+    with login_as_user(app, name="user2") as client:
+        flag = {"challenge_id": 1, "submission": "flag"}
+        client.post("/api/v1/challenges/attempt", json=flag)
+
+
+def test_standings():
+    app = create_ctfd(user_mode="teams")
+
+    with app.app_context():
+        setup_app(app)
+
+        standings = get_standings()
+
+        assert standings[0].name == "team2"
+        assert standings[0].score == 100
+
+    destroy_ctfd(app)
+
+
+def test_team_standings():
+    app = create_ctfd(user_mode="teams")
+
+    with app.app_context():
+        setup_app(app)
+
+        team_standings = get_team_standings()
+
+        first_team = Teams.query.filter_by(id=team_standings[0].team_id).first_or_404()
+
+        assert first_team.name == "team2"
+        assert first_team.score == 100
+
+
+def test_admin_standings():
+    app = create_ctfd(user_mode="teams")
+
+    with app.app_context():
+        setup_app(app)
+
+        standings = get_standings(admin=True)
+
+        assert standings[0].name == "team1"
+        assert standings[0].score == 100
+
+
+def test_admin_team_standings():
+    app = create_ctfd(user_mode="teams")
+
+    with app.app_context():
+        setup_app(app)
+
+        team_standings = get_team_standings(admin=True)
+
+        first_team = Teams.query.filter_by(id=team_standings[0].team_id).first_or_404()
+
+        assert first_team.name == "team1"
+        assert first_team.score == 100