Up to 90 email accounts were compromised during the cyber attack on Westminster, parliamentary officials have said.
Less than 1% of the system's 9,000 users were directly impacted by the "determined and sustained" attack.
The incident gave rise to blackmail fears after hackers tried to break in to the accounts of MPs, peers and their staff by searching for weak passwords.
Investigations are under way to see whether any data has been lost.
Officials said both Houses of Parliament will meet on Monday as planned after staff worked to ensure the business of Parliament could continue in the wake of the hacking.
A parliamentary spokesman said: "Parliament's first priority has been to protect the parliamentary network and systems from the sustained and determined cyber attack to ensure that the business of the Houses can continue.
"This has been achieved and both Houses will meet as planned tomorrow.
"Investigations are ongoing, but it has become clear that significantly fewer than 1% of the 9,000 accounts on the parliamentary network have been compromised as a result of the use of weak passwords that did not conform to guidance issued by the Parliamentary Digital Service.
"As they are identified, the individuals whose accounts have been compromised have been contacted and investigations to determine whether any data has been lost are under way.
"Parliament is now putting in place plans to resume its wider IT services."
The National Cyber Security Centre (NCSC) and National Crime Agency are probing the incident, which came after reports that passwords for Cabinet ministers and MPs were being sold online by hackers.
Tory MP Andrew Bridgen told the Press Association such an attack "absolutely" could leave some people open to blackmail.
He said: "Constituents want to know the information they send to us is completely secure."
A parliamentary spokesman said MPs were informed of the problem via email at 1.40pm on Friday and were sent two further updates.
"All users of the parliamentary computer network were alerted via email at 1.40pm on Friday, once it had become clear an attack was under way during the course of the morning and initial action had been taken to protect the network," he said.
"Two further emails were sent during the course of that day, updating them on the attack, of which the 10.30pm email was the third."