The figure is revealed in the 2023 annual report for the university, which shows that the third-level institution recorded a pre-tax surplus of €3.9m for the 12 months to the end of last September.
In her report, college bursar Sharon Bailey records that in September 2022, the university changed its trading name to the University of Galway.
“This was the result of a major university-wide project involving expert-led market analysis and extensive stakeholder engagement,” she said.
Ms Bailey added that the cost of rebranding in 2022/23 was €390,000 and this followed a combined spend of €480,000 over the prior two years. The rebrand is now complete.
On the university recording a pre-tax surplus of €3.9m, Ms Bailey states that, due to the pandemic and a cyber incident, it “made an active decision to invest prior unplanned surpluses” into services and supports in order to deliver upon the university’s strategy.
The college’s consolidated income increased by €23.74m, or 6.5pc, to €386.06m, with academic fees accounting for €130.88m while state grants totalled €76.4m.
The university’s expenditure also increased by 6.5pc to €382.14m with staff costs accounting for €231.47m of the 2023 spend. The costs include non-cash costs of €15.88m.
Ms Bailey reports that the university spent €72m on fixed assets and assets in the course of construction.
The annual report also discloses that in April 2023, the university’s Information and Solution Services (ISS) department was alerted to suspicious email activity.
It became apparent “that a sophisticated phishing and social engineering campaign had been perpetrated, resulting in unauthorised access to a University of Galway fees office shared mailbox”.
The report states that this, in turn, resulted in fraudulent activity which resulted in a payment from a partner university being misdirected to a Bank of Ireland Tallaght branch which was falsely claimed by the fraudsters to be a University of Galway bank account.
In a separate incident, €29,000 was paid into a fraudulent bank account after a “supplier’s systems were hacked” and “while the supplier was aware of the hacking, they failed to advise any of their customers”.