The Hill said the information on the staffers' email accounts was posted on a Twitter account of OpLastResort that claims to be affiliated with the international hacking group Anonymous.
OpLastResport tweeted: "We mean it. This is a pivotal moment for America, and we will not tolerate failure."
The message included hashtags #Congress #Senate #FISA PRISM, referring to the National Security Agency surveillance program revealed by former NSA contractor Edward Snowden.
The Hill said an email sent Thursday to congressional offices indicated House Security had determined the passwords and email addresses were shuffled so they didn't correspond to the email addresses they were posted alongside.
The report said the hackers claimed they were "being way too generous" for removing and shuffling passwords belonging to the accounts and indicated they could change their minds.
"Early today, hackers disclosed over 300 Senate email addresses and passwords. We have confirmed that the posted credentials are not accurate, and many disclosed accounts are long expired," the Senate Sergeant at Arms said in an email to congressional offices.
A separate email dated Tuesday urged staffers to change their passwords for the iConstitutent service newsletter, which Capitol Hill press staffers use to communicate with constituents, suggested they also reset their social media and email account passwords, The Hill reported.