diff --git a/keystonemiddleware/auth_token/_cache.py b/keystonemiddleware/auth_token/_cache.py index 8b9b178e..c2828b5e 100644 --- a/keystonemiddleware/auth_token/_cache.py +++ b/keystonemiddleware/auth_token/_cache.py @@ -239,6 +239,10 @@ class TokenCache(object): serialized = serialized.encode('utf8') data = self._deserialize(serialized, context) + if data is None: + # In case decryption fails, e.g. data corrupted in memcached. + return None + if not isinstance(data, str): data = data.decode('utf-8') diff --git a/keystonemiddleware/tests/unit/auth_token/test_cache.py b/keystonemiddleware/tests/unit/auth_token/test_cache.py index d3e279bf..c6fcbcbf 100644 --- a/keystonemiddleware/tests/unit/auth_token/test_cache.py +++ b/keystonemiddleware/tests/unit/auth_token/test_cache.py @@ -13,6 +13,7 @@ import uuid import fixtures +from unittest import mock from keystonemiddleware.auth_token import _cache from keystonemiddleware.auth_token import _exceptions as exc @@ -122,6 +123,25 @@ class TestLiveMemcache(base.BaseAuthTokenTestCase): token_cache.set(token, data) self.assertEqual(token_cache.get(token), data) + @mock.patch("keystonemiddleware.auth_token._memcache_crypt.unprotect_data") + def test_corrupted_cache_data(self, mocked_decrypt_data): + mocked_decrypt_data.side_effect = Exception("corrupted") + + conf = { + 'memcached_servers': ','.join(MEMCACHED_SERVERS), + 'memcache_security_strategy': 'encrypt', + 'memcache_secret_key': 'mysecret' + } + + token = uuid.uuid4().hex.encode() + data = uuid.uuid4().hex + + token_cache = self.create_simple_middleware(conf=conf)._token_cache + token_cache.initialize({}) + + token_cache.set(token, data) + self.assertIsNone(token_cache.get(token)) + def test_sign_cache_data(self): conf = { 'memcached_servers': ','.join(MEMCACHED_SERVERS), 
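Review bot: The comment on the new `if data is None:` guard in `_cache.py` names only corruption, but with an encrypting or signing cache strategy a failed unprotect is also what an altered memcached entry looks like, and the guard returns the same value as an ordinary miss. I would reword it to `# _deserialize returned None: decryption/verification failed (corrupted or altered entry), so report a cache miss.` and make sure the failure is logged at warning level somewhere on this path. Whether `_deserialize` already logs is not visible here, because the enclosing method starts and ends outside the hunk. Nothing in the hunk evicts the bad entry either, so presumably every later lookup of that token repeats the failed decrypt until the entry expires or is overwritten.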
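Review bot: `from unittest import mock` is added directly below `import fixtures` in `test_cache.py`, which places a standard-library import in the third-party group. It belongs in the standard-library group beside `import uuid`. Blank lines between the import groups are not recoverable from this view, so the exact grouping is inferred from the order of the lines.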
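Review bot: `self.assertIsNone(token_cache.get(token))` in `test_corrupted_cache_data` also passes when the entry was never stored or memcached simply missed, so the test does not prove that the failed-decrypt path ran. Adding `mocked_decrypt_data.assert_called()` after the `get` ties the result to the patched `unprotect_data` raising. The test also sits in `TestLiveMemcache`, which presumably needs a reachable memcached, and it covers only the `'encrypt'` strategy. A variant for the signing strategy exercised by `test_sign_cache_data` would cover the verification-failure case as well.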
diff --git a/releasenotes/notes/fix-cache-data-corrupted-issue-d1bd546625690581.yaml b/releasenotes/notes/fix-cache-data-corrupted-issue-d1bd546625690581.yaml
new file mode 100644
index 00000000..bf504937
--- /dev/null
+++ b/releasenotes/notes/fix-cache-data-corrupted-issue-d1bd546625690581.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - |
+ In situation of encryption using memcached. Its possible that data
+ in memcached becomes un-decryptable. The previous implementation
+ of token cache was not correctly handling the case.