A breach is always an incident, but not all incidents are breaches. A breach occurs when sensitive, personal information is leaked, hacked or released (whether accidentally or through illegal action). This would involve access to personal information which should be confidential, such as; social security or identity numbers, medical records, contact details, etc. Specific legal definitions are applied in this case.
When a security incident occurs, but does not involve the theft or compromising of personal information, it is not considered a breach. These incidents usually take the form of impersonation or denial of service (where a user is blocked from accessing their own machine or network).
