The self-proclaimed leader of international hacking group Lulz Security has been arrested in Sydney by Australian Federal Police.

The AFP says the 24-year-old man from the Gosford suburb of Point Clare, who claims to be in charge of Lulz Security, or LulzSec, was arrested yesterday.

The man, known online as Aush0k, is a senior Australian IT professional who works for the local arm of an international IT company.

Police say he was in a "position of trust" within the company and had access to information on government clients.

The AFP says its investigation began less than two weeks ago when investigators found a government website had been compromised.

The man has been charged with two counts of unauthorised modification of data to cause impairment and one count of unauthorised access to a restricted computer system.

He faces a maximum of 12 years in jail.

Who is LulzSec? Motto: "The world's leaders in high-quality entertainment at your expense"

"The world's leaders in high-quality entertainment at your expense" The group was launched in May 2011

The group was launched in May 2011 Timeline: Read about LulzSec's high-profile hacks

Read about LulzSec's high-profile hacks Sony, CIA, UK tabloid The Sun are among its victims

Sony, CIA, UK tabloid The Sun are among its victims LulzSec says it launched attacks "for fun" and to expose poor security systems

LulzSec says it launched attacks "for fun" and to expose poor security systems The group is believed to have between six and 11 members based in the US, the UK and Australia

The group is believed to have between six and 11 members based in the US, the UK and Australia The group's leader Sabu was arrested in 2012 and reportedly became an FBI informer as part of a plea deal

LulzSec has previously claimed responsibility for high-profile hacking attacks, including one which took the CIA website offline.

The 24-year-old man is the first alleged member of the group to be charged by the AFP.

AFP Commander Glen McEwen says the man worked for an IT company.

"This man is known to international law enforcement and police will allege he was in a position of trust within the company with access to information from clients including government agencies," he said.

Commander McEwen says the man posted in online forums frequented by other members of LulzSec that he was the group's leader.

"There was no denials of his claims of being the leader," Commander McEwen said.

He says the man also discussed the claims with the AFP.

The LulzSec group allegedly broke into Australian Government departments, universities and schools in 2011.

Some of the targets included AusAid, Victorian Government departments and local councils in Victoria and New South Wales.

Passwords for email accounts within eight Australian universities were leaked, along with the logins for two high schools in Queensland and Melbourne.

Commander McEwen says the AFP acted swiftly on information about the alleged hacker.

"Yesterday's arrest comes less than two weeks after the AFP first discovered the offender's alleged hacking activity," he said.

"The AFP will not tolerate the attempts of hackers to damage or destroy the online property of Australian individuals, companies or national infrastructure resources."

The man was charged and appeared in court yesterday. He will face Woy Woy Local Court again on May 15.

Sorry, this video has expired AFP Commander Glen McEwen discusses hacking arrest

Commander McEwen says the seriousness of the crime is not about the magnitude of damage done, but the breach of security.

"The potential for such access has huge ramifications for society," he said.

"There was a decision made that the early intervention was something that needed to be activated on because the potential for damage is immeasurable.

"I just need to really make that extremely clear to everybody out there, that this is not harmless fun."

Hacking rampage

The hacking group's Twitter account has not been used since 2011, when the hackers announced their online rampage was over.

The "planned 50-day cruise has expired", the group said in a statement at the time.

"For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could," the group said.

"It is time to say bon voyage. We must now sail into the distance."

LulzSec claimed responsibility for hacking into Sony Picture Entertainment servers in 2011 and accessing the personal information of more than 1 million customers.

The group also allegedly hacked the US Public Broadcast Service (PBS), and published thousands of usernames and passwords of employees.

The now defunct Lulzsec was an offshoot of hacking group Anonymous, and was engaged in exposing poor internet security and wreaking internet havoc in line with its catch phrase, 'For the lulz'.