A self-proclaimed leader of the Anonymous offshoot LulzSec has been arrested in Australia, two years after the group disbanded.

Anonymous and LulzSec
Logos used by Lulzsec and Anonymous.

The 24-year-old Point Clare man was the first LulzSec member to be arrested by the Australian Federal Police (AFP) and has been charged with attacking and defacing a government website earlier this month.

LulzSec are an offshoot of Anonymous, the loose online hacktivist collective. The group shot to fame in 2011 when they carried out 50 cyber attacks on 50 consecutive days, before announcing they were disbanding.

Among the high-profile targets hit by the group were Sony Pictures, the CIA and, in the UK, the Serious Organised Crime Agency (SOCA).

The group's most prominent member was known as Hector Monsegur (aka Sabu), who it transpired was working for the FBI as an informant. His information led to the arrest of several LulzSec members in the US, UK and Ireland.

Last week the latest LulzSec member to plead guilty to hacking charges was Brit Ryan Ackroyd. He will be sentenced on 14 May along with Mustafa Al-Bassam, 18, from Peckham, London, Jake Davis, 20, from Lerwick, Shetland and Ryan Cleary, 21, of Essex.

LulzSec, like Anonymous, claimed to have no leadership structure, with each member having an equal say in the actions of the group. Therefore claims that this Australian was the leader of LulzSec will be met with scepticism by many.

The man worked in the IT industry, and he used his position in an IT company to access sensitive information from clients, including government agencies.

His arrest stemmed from an investigation by the AFP's Cyber Crime Operation, which began earlier this month when a compromise was discovered on a government website.

Commander Glen McEwen, the AFP's manager of cyber crime operations, said the impairment or disruption of communications to or from computer networks can have serious consequences.

"Those thinking of engaging in such activities should be warned that hacking, creating or propagating malicious viruses or participating in Distributed Denial of Service attacks are not harmless fun," McEwen said.

The man was bailed to appear in Woy Woy Local Court on 15 May and has been charged with two counts of unauthorised modification of data to cause impairment and one count of unauthorised access to, or modification of, restricted data.

The maximum penalty for these offences is ten and two years respectively.