The teen was arrested in Essex, U.K. on Monday night in on suspicion of violating the country's Computer Misuse Act and Fraud Act, police said in a news release Tuesday. He is currently being held for questioning at a central London police station.
“The arrest follows an investigation into network intrusions and distributed denial-of-service attacks against a number of international business and intelligence agencies by what is believed to be the same hacking group,” the Metropolitan Police said.
Following the arrest, police seized computer equipment, which now is undergoing a forensic examination.
Several news reports have identified the man as Ryan Cleary of Wickford, Essex, though police have not confirmed his identity, nor his association with any group.
Though authorities did not specifically mention LulzSec, many reports say the suspect is a member of the collective, which has claimed responsibility for recent attacks against PBS, Sony, InfraGard of Atlanta, the CIA and the U.S. Senate.
But on its Twitter page Tuesday, LulzSec played down the suspect's involvement with its operations.
“Ryan Cleary is not part of LulzSec. We house one of our many legitimate chat rooms on his IRC server, but that's it,” the group tweeted, later adding “Clearly the U.K. police are so desperate to catch us that they've gone and arrested someone who is, at best, mildly associated with us. Lame.”
The arrest could ultimately serve as a deterrent for other hackers, Graham Cluley, senior technology consultant at Sophos, said in a blog post Thursday.
“There has been much speculation recently regarding who might be behind LulzSec," he wrote. "If the police believe that they have cracked the group, then a strong message will be sent to others considering engaging in illegal acts such as malicious hacking and denial-of-service attacks."
Meanwhile, in its latest dispatch, LulzSec announced it was teaming up the hacktivist group known as Anonymous to launch "Operation Anti-Security," a mission to expose government and corporate corruption by way of stealing and leaking classified data.