Kia Wouldn’t Tell Me the Location of My Stolen Car Quickly Enough

Mobile Network Technology Can Help Carmakers to Improve Theft Recovery Rates

It’s now easier to hack and then steal many modern cars than to nick a phone that costs a fraction of the price of a car. Also, it’s considerably easier to track the location of a stolen mobile phone than to find a car that has been taken by a thief. This is crazy because all modern cars and phones contain the same mobile technologies. Both have mobile radio connectivity, satellite GPS chips for location fixes and modern smart operating systems.

At 1:09 AM on Wednesday 18 March, my Kia EV6 was stolen in under 30 seconds. This wasn’t a signal-relay attack — my car keys were inside my home in a Faraday box that blocks wireless signals. No, the thief simply walked up to the car, hacked it from the outside, got in and drove off without having the keys or any access to the keys. And yes, this car did have an immobiliser. I have it all on video:

This isn’t surprising. In 2026, Kia cars are 3.4 times more likely to be stolen in the UK than they were in 2016. Kia ties for the greatest increase in theft rate with Toyota, among the 26 largest UK car brands — those that have over 250,000 licensed cars on the road. But the increased amount of mobile technology that modern cars include should be making car thefts harder, not easier.

There are strong parallels between car and smartphone theft. Both cars and phones include mobile phone radios, satellite location chips, short-range wireless connectivity and sophisticated software that can be updated over-the-air. But while the phone industry has greatly strengthened theft protection measures in recent years, the situation in the car industry is worse. Given the big increase in Kia’s theft rate and how easy it was to steal this car, it’s clear that the manufacturer hasn’t learnt from the mobile industry on how to minimize the theft risk and maximize the chance of recovery.

The Timeline of the Theft and Recovery Attempts

When the car was stolen, I was on the west coast of the US at Nvidia’s GTC event. It was about 6 PM in the US when I received a notification that my Kia Connect owners’ app had been deactivated. This meant I could no longer see the location of the car. Apparently, anyone physically inside the Kia EV6 can deactivate the Kia app and mobile connectivity service without requiring any authentication. This is the opposite of how modern smartphones work: they require a password to remove the activation lock, without which the phone can’t be used by anyone else.

On seeing the notification from the Kia app, I checked my home camera and saw the video of the car being stolen. I woke my partner and she reported the theft to the police 10 minutes after it occurred. She passed the location of the car to the police based on an AirTag hidden inside the car. It was moving along London’s inner ring road, the North Circular Road, which has numerous police cameras on it. The AirTag stopped moving about 40 minutes later. When my partner visited the spot that afternoon, she found a discarded AirTag.

As an anti-stalking measure, AirTags advertise their presence, and this is how the thief will have known there was an AirTag in the car. Apple advises against relying on AirTags to track stolen items, but the devices are increasingly being built into objects like bikes, so this will become a more common use. One option would be for Apple to allow an AirTag owner to mark a tag as stolen, after which it wouldn’t warn people of its presence for a period to allow recovery. Because AirTags must be tied to an Apple account, Apple could minimize the stalking risk by limiting the number of times that an owner can set an AirTag as stolen.

Without the AirTag, I had to rely on Kia and the car’s built-in mobile technology to track its location, but Kia was slow to respond to numerous requests. As the thief had deactivated the Kia app, only Kia could use the mobile network to track the car now. During the four days after the theft, I raised eight tickets with Kia’s customer care and the Kia Connect team, which is only contactable through a web form. Kia was extremely slow to respond:

LocationDate and time of fixWhen Kia shared itDelay in sharingWhat happened
Muswell Hill18 March, 12:47 PM20 March, 9:33 AM1 day, 20 hours, 46 minutesVisited that day, the car was gone.
Dartford22 March, 4:09 PM23 March, 8:44 AM14 hours, 35 minutesReported to the police, they visited 50 minutes later, but the car was gone.
Lithuania29 March, 12:25 PM to 30 Match, 10:54 AM2 April, 9:11 AM2 days, 22 hours, 17 minutesNot recoverable. Car exported.

With the extensive amount of mobile technology built into the car, Kia should’ve been able to provide location fixes in real time. The car had a built-in cellular radio and a GPS location chip. It included an eCall system that automatically calls the emergency services with the location of the vehicle in the event of a crash. Also, mobile network operators must always know the position of any connected cellular device so they can route calls to it — this will identify the mobile cell the car connected to even if the on-board car systems have been hacked and no longer share the GPS fix.

Toyota, Kia and Hyundai Have Seen the Greatest Jump in Theft Rate

Unlike Kia, other car manufacturers have successfully improved their theft rate in recent years. BMW, Mini, Audi, Seat and Volkswagen have all dropped down the rankings of most stolen car brands. Kia is joined by Toyota and sister brand Hyundai — whose cars share technology with Kia — in topping the charts of the brands with the greatest increase in car theft rate.

Although Land Rover has the highest theft rate, it has improved enormously in recent years. Since a peak in 2022, Land Rover has more than halved its theft rate. This proves that improvement is possible. Looking at the theft rate for the 28 largest UK car brands that have more than 250,000 licensed cars on the road, it’s striking that most of the most stolen brands are premium brands — but Kia isn’t a premium brand.

Recommendations: Kia UK Should Learn from the Smartphone Industry and Kia US

There are multiple issues here, including: the car was far too easy to hack and then steal. If security updates to prevent hacks and thefts existed, Kia hadn’t installed them. Tracking the car was slow and cumbersome. Kia was hard to contact about the theft. Kia’s insistence that it provided information to the police was also not matched by what different parts of the police told me. In practice, every time I passed on location information to the police that Kia had given me, the police were grateful and didn’t already have it.

For this blog article, we spoke with several automative technology companies, including mobile network operators that provide car connectivity, automotive security suppliers and specialists in systems such as eCall. Despite repeated requests, Kia UK declined to comment.

The issues we’ve identified should be a major concern for Kia, because they’ll hurt its business. High theft rates put up owners’ insurance premiums and will make Kia cars less desirable to own. It’ll hurt residual values for second-hand cars, and this will also discourage buyers of a new model. Thefts and poor recovery processes also waste valuable police time.

We’ve identified several areas for improvement:

  1. Have a direct phone number to call to report and manage thefts. Kia US provides a single phone number to call about thefts and has a specific Stolen Vehicle Recovery programme, unlike Kia UK. By contrast, in Europe, Kia customer services can’t help with thefts or location fixes. Instead, owners must contact the separate Kia Connect team, which is only contactable through a web form. This isn’t widely advertised, and owners may waste time contacting Kia customer services first.
  2. Set up systems to provide the location in real-time. I suspect that Kia had to request each location fix individually from its mobile connectivity provider, which is slow. This isn’t good enough. Kia should be able to provide the current location of a stolen vehicle in real time. Otherwise, delays in providing a location will waste police and owners’ time because the car is likely to have been moved.
  3. Strengthen software security. Learn from the smartphone industry, use compartmentalized systems, secure boot, trusted enclaves and so forth. It should be impossible to hack a car and drive away without access to the keys.
  4. Ensure all important software can be updated over-the-air. With a mobile radio, there’s no reason that modern cars should have to return to a dealer for a security update. For example, Xiaomi’s electric vehicles are updated at the factory using a private 5G network now. Why? As a manufacturer of smartphones and cars, Xiaomi is taking best mobile practices to other devices.
  5. If a security issue emerges, proactively let owners know. There’s no security through obscurity with the speed of communication on the internet. Even if a car company can’t yet provide a fix, in the interim if owners know that there a security issue exists, they can mitigate the risk. For example, a Kia owner could use aftermarket steering wheel locks or — as Reddit advises — park cars in valet mode that requires a PIN to be entered before the car can be driven. Car makers should follow the best practices from software and mobile phones on disclosing security threats to users.
  6. Be open about what dealer updates fix. Kia may, or may not, have an update that would’ve made my car harder to steal. Unfortunately, Kia’s dealers just say there’s an update available but not what it includes. On request, if pushed, they sometimes provide additional information. Kia should say clearly if an update is urgent for security (or safety) reasons so owners can prioritize getting updates installed.
  7. Implement smartphone-style activation locks on cars. It should be impossible for someone to deactivate Kia Connect without an owner’s password. If there’s a concern about leasing plans, or rentals, there can be different modes based on whether a person has full ownership of the vehicle. Kia should consider copying other car brands and having an option that a driver must always enter a PIN before they can drive, even if they appear to have the key.
  8. Allow Kia owners to see information about their last car. When the Kia app was deactivated, I lost access to key information about my car, including the IMEI of the mobile radio and the vehicle identification number I needed to tell Kia that I was the owner of the car so it would share location data with me. Similarly, Kia said that it deletes information about the owner immediately on deactivation — Kia should retain it for at least two weeks to assist with stolen vehicle recovery. This retention is already allowed under Kia’s current privacy policy.
  9. Use mobile network-based positioning. 5G-Advanced has the capability for a mobile network operator to determine the position of a cellular device to an accuracy of a few meters. This works for any connected device whether it has a satellite GPS location chip or not. Such positioning technology isn’t widely deployed — Ericsson made a major positioning product announcement in February 2026. This is a new potential revenue stream for mobile operators that car insurers, car brands and mobile operators should embrace.
Written by:
Posted on 1 July 2026
Share