A group of security researchers discovered critical flaws in Kia’s dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle’s license plate.